SBOLC Security Fundamentals Question and answers correctly solved
5 views 0 purchase
Course
SBOLC
Institution
SBOLC
SBOLC Security Fundamentals Question and answers correctly solved SBOLC Security Fundamentals
NIST - correct answer National Institute of Standards and Technology
What is the NIST Risk Management Framework (RMF)? - correct answer -Overall framework for the U.S. federal government to ma...
SBOLC Security Fundamentals
NIST - correct answer ✔National Institute of Standards and Technology
What is the NIST Risk Management Framework (RMF)? - correct answer ✔-
Overall framework for the U.S. federal government to manage
organizational risk throughout the system development life cycle
-Focuses on security control selection, deployment, and auditing
using a seven-step model
-Includes certification and accreditation
Clean Desk Policy - correct answer ✔Secure sensitive items when not in use
Principle of least privilege management - correct answer ✔Just what you
need to do your job
Mandatory vacations - correct answer ✔-best way to uncover fraud
-part of onboarding procedures
Job Rotation (rotation of duties) - correct answer ✔-Identify or uncover fraud
-Cross training / Experience for employees
Separation of Duties - correct answer ✔Partitions responsibilities to minimize
abuse or fraud
Hiring and Termination Policy Elements - correct answer ✔-Background
checks
,-Social media analysis
-Onboarding procedures (NDA/AUP/Sign for equipment)
-Offboarding procedures (NDA/Return of equipment)
-Exit interview
-Non-disclosure Agreement (NDA)
AUP - correct answer ✔Acceptable Use Policy
EOL - correct answer ✔End of Life
EOS - correct answer ✔End of Service
MOA - correct answer ✔Memorandum of Agreement
-A legally binding written document between multiple parties on a
project detailing how they will work together to achieve
agreed-upon goals and objectives.
MOU - correct answer ✔Memorandum of Understanding
-A less formal agreement of mutual goals between two or more
organizations with a focus on partitioning of responsibilities
BPA - correct answer ✔Business Partners Agreement
-A written agreement defining the general relationship between
,business partners with a focus on financial matters
Information Lifecycle Model - correct answer ✔-Creation
-Processing
-Dissemination
-Usage
-Storage
-Disposal
Generic Information Classifications - correct answer ✔-Low
-Medium
-High
Military Information Classifications - correct answer ✔-Unclassified
-Confidential
-Secret
-Top Secret
Business Information Classifications - correct answer ✔-Public
-Private
-Proprietary
-Confidential
Types of Protected Information - correct answer ✔-Personally Identifiable
Information (PII)
-Personal/Protected Health Information (PHI)
, -Financial Information
-Government Data
-Customer Data
Risk Management - correct answer ✔The process of identifying, monitoring,
and reducing risk to an acceptable level.
Risk Analysis - correct answer ✔-Threat (the potential to cause harm to an
asset)
-Vulnerability (a flaw or hole in the security posture)
-Exploit (a method or technique used to manipulate a faw)
-Safeguard (a mitigation security control)
Risk Management Strategies - correct answer ✔-Acceptance: Have an
established plan of action
-Avoidance: Removing the activity that creates risk
-Transference: Offloading the risk to an external party
-Mitigation: Reducing risk by installing security control, safeguard, or
countermeasures
Types of RIsk - correct answer ✔-Externally-Derived Risk
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Academia199. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.