1
Q
Functional Order of Physical Controls
A
6 D’s: Deter, Deny, Detect, Delay, Determine, Decide
2
Q
COBIT
A
Control Objectives for Information and Related Technologies. It’s a security control framework
3
Q
COBIT 6 Principles
A
- Provide stakeholder value
- Holistic approach
- Dynamic governance system
- Governance distinct from Management
5.Tailored to Enterprise - End to End Governance System
4
Q
Classes of Controls (3)
A
Administrative: aka managerial
Logical/Technical
Physical
<assets>
</assets>
5
Q
Tailoring
A
Aligns controls with business security requirements. Includes assigning control values.
6
Q
Scoping
A
Part of Tailoring process where you review list of baseline security controls and select only those that apply to the IT systems in use. Scoping eliminates controls that don’t apply to business.
CISSP
flashcards
Decks in class (27)
# Cards
-
Risk Management7
-
Controls6
-
BC/DC4
-
Common Protocols and Ports17
-
Incident Response2
-
Encryption/Cryptography-General20
-
Symmetric Key Cryptography20
-
Security models20
-
Networking General6
-
Protections2
-
Ethics and investigations5
-
Threats4
-
Assessment and Testing8
-
Data Protection Methods5
-
Multi-tasking5
-
SSO Solutions7
-
Secure Network Architecture3
-
Software Development Security6
-
Network Attacks4
-
Software Review Testing4
-
IP Networking2
-
Web Application Vulnerabilities2
-
Controlling and monitoring Access13
-
NIST publications4
-
Malicious code and applications1
-
Physical Security Controls4
-
Governance2
