ISC 1week Flashcards
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
·Focuses on integrating IT solutions into business processes.
·Manages capacity, organizational changes, and IT assets.
COBIT 2019 - Build, Acquire, and Implement (BAI)
Managed knowledge, managed organizational change, and managed availability and capacity
Managed knowledge, managed organizational change, and managed availability and capacity
changes
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
·Directly related to managing security services and ensuring continuity.
COBIT 2019 - Deliver, Service, and Support (DSS)
·Focuses on IT service delivery, security, and support.
Covers IT security (DSS05), business process controls (DSS06), and business continuity (DSS04).
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
·Involves internal control management but does NOT specifically address IT security, business process controls, or business continuity.
COBIT 2019 - Monitor, Evaluate, and Assess (MEA)
- Focuses on evaluating IT performance and ensuring alignment with targets.
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
·Focuses on evaluating IT performance and ensuring alignment with targets.
COBIT 2019 - Monitor, Evaluate, and Assess (MEA)
- Focuses on evaluating IT performance and ensuring alignment with targets.
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
·Focuses on IT strategy, governance, and planning.
·Supports core functions like HR, budgeting, and risk management.
COBIT 2019 - Align, Plan, and Organize (APO)
planning
Based on the specific content of the different management objectives in COBIT 2019, which objective does the following describe?
ensured stakeholder management, ensured resource optimization, and ensured benefits delivery
Evaluate, Direct, and Monitor (EDM)
EDM
Ensured governance framework setting and maintenance, ensured benefits delivery, ensured risk optimization, ensured resource optimization, and ensured stakeholder engagement.
Includes five objectives: ensured governance framework setting and maintenance, ensured benefits delivery, ensured risk optimization, ensured resource optimization, and ensured stakeholder engagement.
stakeholder
Inheritance controls
controls implemented at the organizational level and adopted/inherited by information systems.
"Inherited controls" are controls implemented at the organizational level that information systems can adopt or inherit. Such controls usually apply to many systems across the whole organization, so individual systems do not each need to implement the same control; they inherit the organization-level control directly.
Example:
Security policy: the organization implements a set of network security policies company-wide, and all IT systems must comply with them. Individual systems therefore do not need to define their own security policies; they inherit the organization-level security control.
Baseline controls
Baseline controls are required to be in conformance to the control family. Baseline controls do not enhance existing controls.
Baseline controls are the basic controls that must conform to a control family (a group of related security controls). Baseline controls are usually the minimum required controls, intended to ensure that a system's security reaches a basic standard, but they do not enhance existing controls.
Example:
Access control: the organization requires every system to protect user accounts with at least a password; this is part of the baseline controls. It is a basic security measure that ensures every system's access control meets a minimum standard, but it does not enhance it further (multi-factor authentication, for instance, would be an enhancement control).
which control?
Actively manage (inventory, track, and correct) all enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/Internet of Things (IoT) devices; and servers) connected to the infrastructure physically, virtually, remotely, and those within cloud environments, to accurately know the totality of assets that need to be monitored and protected within the enterprise. This will also support identifying unauthorized and unmanaged assets to remove or remediate.
Control 01: Inventory and Control of Enterprise Assets
Involves actively managing (inventorying, tracking, and correcting) all enterprise assets, including physical and virtual infrastructure, to know accurately which assets need to be monitored and protected, and to identify unauthorized assets.
which control?
Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.
Control 02: Inventory and Control of Software Assets
Focuses on managing and controlling software to prevent unauthorized applications from executing.
which control?
Develop processes and technical controls to identify, classify, securely handle, retain, and dispose of data.
Control 03: Data Protection
Develop processes and technical controls to identify, classify, securely handle, retain, and dispose of data.
which control?
Establish and maintain the secure configuration of both software and assets within the enterprise
Control 04: Secure Configuration of Enterprise Assets and Software
Involves establishing and maintaining secure configurations of enterprise assets and software, including end-user devices, network devices, IoT devices, and servers.
which control?
Use processes and tools to assign and manage authorization to credentials for user accounts, including administrator accounts, as well as service accounts, to enterprise assets and software.
Control 05: Account Management
Focuses on managing the authorization of the credentials bound to the various accounts (what a user may do after authenticating, e.g., administrator accounts versus ordinary accounts).
which control?
Use processes and tools to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software.
Control 06: Access Control Management
Use processes and tools to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software.
Focuses on managing the access credentials (account and password) and privileges of the various accounts.
which control?
Develop a plan to continuously assess and track vulnerabilities on all enterprise assets within the enterprise’s infrastructure, in order to remediate and minimize the window of opportunity for attackers. Monitor public and private industry sources for new threat and vulnerability information.
Control 07: Continuous Vulnerability Management
Involves developing a plan to continuously assess and track vulnerabilities on all enterprise assets to reduce the window of opportunity for attackers, and monitoring industry sources for new threat information.
which control?
Collect, alert, review, and retain audit logs of events that could help detect, understand, or recover from an attack.
Control 08: Audit Log Management
Focuses on collecting and managing audit logs to detect and respond to security incidents.
which control?
Improve protections and detections of threats from email and web vectors, as these are opportunities for attackers to manipulate human behavior through direct engagement.
Control 09: Email and Web Browser Protections
Improve protection against and detection of threats from email and web browsers, as these are opportunities for attackers to manipulate human behavior through direct engagement.
which control?
Prevent or control the installation, spread, and execution of malicious applications, code, or scripts on enterprise assets.
Control 10: Malware Defenses
which control?
the recommendation to establish and maintain practices relevant to data sufficient to restore in-scope enterprise assets to a pre-incident and trusted state
Control 11: Data Recovery
protecting recovery data and performing automated backups.
Involves protecting recovery data and performing automated backups.
which control?
Establish, implement, and actively manage (track, report, correct) network devices in order to prevent attackers from exploiting vulnerable network services and access points.
Control 12: Network Infrastructure Management
Includes securely managing the network infrastructure, ensuring network components are kept up to date, and establishing and maintaining a secure network architecture.
securely managing the network, ensuring the network components are up-to-date, and establishing and maintaining a secure network architecture
Control 12 emphasizes the active management and configuration of network devices to prevent attackers from exploiting vulnerabilities in the infrastructure. (Before an incident occurs)
which control?
Operate processes and tooling to establish and maintain comprehensive network monitoring and defense against security threats across the enterprise’s network infrastructure and user base.
collecting network traffic flow logs, managing access controls for remote assets, and centralizing security event alerting.
Control 13: Network Monitoring and Defense
Includes collecting network traffic flow logs, managing access controls for remote assets, and centralizing security event alerting.
Control 13 emphasizes monitoring and defense, so that security threats that have already occurred can be detected and handled promptly. (Detection and control)
which control?
establishing and maintaining a security awareness program, training workforce members to recognize social engineering attacks, and training workforce members on authentication best practices.
Control 14: Security Awareness and Skills Training
Involves establishing and maintaining a security awareness program, training workforce members to recognize social engineering attacks, and training them on authentication best practices.
which control?
Develop a process to evaluate service providers who hold sensitive data or are responsible for an enterprise’s critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately.
Control 15: Service Provider Management
Develop a process to evaluate service providers who hold sensitive data or are responsible for the enterprise's critical IT platforms or processes, to ensure those providers protect those platforms and data appropriately.
which control?
Manage the security life cycle of in-house developed, hosted, or acquired software to prevent, detect, and remediate security weaknesses before they can impact the enterprise.
Control 16: Application Software Security
Involves managing the security life cycle of in-house developed, hosted, or purchased software to prevent, detect, and patch security vulnerabilities before they can impact the enterprise.