IT Security Framework Flashcards

1
Q

What do we use IT Security Frameworks for?

A

As a basis for our policies, procedures, and standards.

2
Q

Who makes the consensus-developed secure configuration guidelines for hardening, prescriptive, prioritized, and “simplified” cybersecurity best practices?

A

Center for Internet Security (CIS)

3
Q

What framework integrates security and risk management into the development life cycle?

A

Risk Management Framework (RMF)

Exam Tip: Made by NIST, used by federal government

4
Q

What set of industry standards and best practices is created by NIST to help manage cybersecurity risks?

A

Cybersecurity Framework (CSF)

5
Q

What international standard details requirements for establishing, implementing, and maintaining a continually improving Information Security Management System (ISMS)?

A

ISO 27001

Note: Information Systems

Note: This is a basic procedure for cyber security and is an international standard

6
Q

What international standard provides best practice recommendations for controls on Information Security Management Systems?

A

ISO 27002

Note: Controls to protect Information Systems

7
Q

What international standard acts as a privacy extension for ISO 27001?

A

ISO 27701

Note: Privacy for Information Systems

8
Q

What international standard regards risk management?

A

ISO 31000

Note: Risk Management

9
Q

What is the audit performed in conjunction with using controls such as NIST?

A

System and Organization Controls (SOC)

10
Q

What standard is based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, privacy?

A

SOC 2

Note: Expect to see SOC 2 on exam.

11
Q

What audit addresses the operational effectiveness of the security controls implemented over a specified amount of time?

A

SOC 2 Type II

Note: It’s just checking how effective your implementation of the security controls is.

12
Q

What security framework addresses cloud security for vendors and customers?

A

Cloud Security Alliance’s Cloud Control Matrix

13
Q

What methodology and set of tools do we use as a reference for cloud security?

A

Cloud Security Alliance’s Reference Architecture
