Created by Ernesto Hata
more than 6 years ago
Question | Answer |
290820180330 1. Discuss and describe the CIA TRIAD. part 1 | 1. The CIA Triad is the combination of confidentiality, integrity, and availability. Confidentiality is the concept of the measures used to ensure the protection of the secrecy of data, information, or resources. Integrity is the concept of protecting the reliability and correctness of data. |
290820180330 1. Discuss and describe the CIA TRIAD. part 2 | Availability is the concept that authorized subjects are granted timely and uninterrupted access to objects. The term CIA Triad is used to indicate the three key components of a security solution. |
290820180330 2. What are the requirements to hold a person accountable for the actions of their user account? | The requirements of accountability are identification, authentication, authorization, and auditing. Each of these components needs to be legally supportable to truly hold someone accountable for their actions. |
290820180350 3- Describe the benefits of change control management. | The benefits of change control management include preventing unwanted security reduction because of uncontrolled change, documenting and tracking of all alterations in the environment, standardization, conforming with security policy, and the ability to roll back changes in the event of an unwanted or unexpected outcome. |
290820180350 4- What are the seven major steps or phases in the implementation of a classification scheme? part 1 | (1) Identify the custodian, and define their responsibilities. (2) Specify the evaluation criteria of how the information will be classified and labeled. (3) Classify and label each resource. Although the owner conducts this step, a supervisor should review it. (4) Document any exceptions to the classification policy that are discovered, and integrate them into the evaluation criteria. |
290820180350 4- What are the seven major steps or phases in the implementation of a classification scheme? part 2 | (5) Select the security control that will be applied to each classification level to provide the necessary level of protection. (6) Specify the procedures for declassifying resources and the procedures for transferring custody of a resource to an external entity. (7) Create an enterprise-wide awareness program to instruct all personnel about the classification system. |
290820182110 5. Name the six primary security roles as defined by (ISC)2 for CISSP. | The six security roles are: - Senior management - IT/Security staff - Owner - Custodian - Operator / user - Auditor. |
290820180420 6. What are the four components of a complete organizational security policy and their basic purpose? | The four components of a security policy are: policies, standards, guidelines, and procedures. Policies are broad security statements. Standards are definitions of hardware and software security compliance. Guidelines are used when there is not an appropriate procedure. Procedures are detailed step-by-step instructions for performing work tasks in a secure manner. |