Sec+ 601 Flashcards
A CSO is interested in determining the security posture of a cloud provider
who may provide service to their organization in the future. Which of the
following would the CSO want to review?
PCI DSS standards
SOC 2 report
CSF framework
SLA contract
SOC 2 report
A service organization controls (SOC) report (not to be confused with the other SOC acronym, security operations center) is a way to verify that an organization follows specific best practices before you outsource a business function to that organization.
What type of control would make an organization aware of an intrusion or
compromise?
Detective
Corrective
Protective
Preventive
Detective
What control type resolves a previously discovered issue and mitigates a
risk going forward?
Corrective
Detective
Preventative
Finalized
Corrective
Which ISO standard is specifically designed for certifying privacy?