What cobit - Study guides, Class notes & Summaries

How many steps in NIST RMF? Correct Answer 6 Name steps of the NIST RMF Correct Answer 1) Categorize Info Systems 2) Select Security Controls 3) Implement Security Controls 4) Assess Security Controls 5) Authorize Info Systems 6) Monitor Security Controls What are the layers of COBIT? Correct Answer Governance and Management What are the Management layers of COBIT? Correct Answer 1) Align, Plan, and Organize 2) Build, Acquire, and Implement 3) Deliver, Service, and Support 4) Mo...

ISC2 CGRC Documentation Test Exam Questions With 100% Correct Answers. What methodology does ISO 9001 use? - answerPlan-Do-Check What is the Committee of Sponsoring Organizations? - answerProvides a risk management framework. What are the Committee of Sponsoring Organizations (COSO) risk management framework eight components? - answerInternal environment, Objective settings, Event identification, Risk assessment, Risk responses, Control activities, Information and communication, Monitorin...

CEH v10 Vocabulary Test with Complete Solutions The five subsections of HIPPA - Answer-Electronic Transaction and Code Sets, Privacy Rule, Security Rule, National Identifier Requirements, and Enforcement The Sarbanes-Oxley (SOX) Act - Answer-created to make corporate disclosures more accurate and reliable in order to protect the public and investors from shady behavior. There are 11 titles within SOX that handle everything from what financials should be reported and what should go in them, t...

Access Control - A security measure that defines who can access a computer, device, or network, when they can access it, and what actions they can take while accessing it. AUP (Acceptable Use Policy) - A Set of rules and guidelines that are set up to regulate Internet use and to protect the user. Cloud Architecture Risk - Risks associated with the various types of cloud services such as: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IAAS) COBIT...

ISC2 CGRC UPDATED Exam Questions and CORRECT Answers What methodology does ISO 9001 use? - Ans Plan-Do-Check What is the Committee of Sponsoring Organizations? - Ans Provides a risk management framework. What are the Committee of Sponsoring Organizations (COSO) risk management framework eight components? - Ans Internal environment, Objective settings, Event identification, Risk assessment, Risk responses, Control activities, Information and communication, Monitoring What is the diffe...

Who is responsible for the governance of the enterprise? - ANSWERBoard of Directors What is corporate governance's purpose? - ANSWERto help build an environment of trust, transparency, and accountability to foster long-term investment, financial stability, and business integrity All stakeholders provide ______ into IT-decision making processes - ANSWERinput IT resource management - ANSWERmaintain updated inventory of IT assets and address risk management Performance management - A...

Once an organization clearly defines its IP, the security policies should specify how to ___________ documents with marks or comments, and ____________ the data, which determines in what location the sensitive file should be placed.label, classify Which of the following is not one of the four domains that collectively represent a conceptual information systems security management life cycle?evaluate, assess, and perform The COBIT Monitor, Evaluate, and Assess domain looks at specific bus...

Which best represents the link between all key roles in the COBIT5 framework? A) Owners and stakeholders > management > governing body > operations and execution B) Governing body > owners and stakeholders > management > operations and execution C) Operations and execution > management > governing body > owners and stakeholders D) Owners and stakeholders > governing body > management > operations and execution D) Owners and stakeholders > governing bod...

CISSP EXAM REVIEW QUESTIONS & ANSWERS, GRADED A+ VERIFIED/ 1. Which of the following best describes the relationship between COBIT and ITIL? A. COBIT is a model for IT governance, whereas ITIL is a model for corporate governance. B. COBIT provides a corporate governance roadmap, whereas ITIL is a customizable framework for IT service management. C. COBIT defines IT goals, whereas ITIL provides the process-level steps on how to achieve them. D. COBIT provides a framework for achieving bu...

What is the difference between a standard and a policy? Correct Answer Standard = A mandatory action, explicit rules, controls or configuration settings that are designed to support and conform to a policy. A standard should make a policy more meaningful and effective by including accepted specifications for hardware, software or behavior. Standards should always point to the policy to which they relate. Policy = IT policies help organizations to properly articulate the organization's desired ...