Domain 1 set 3 Flashcards
(32 cards)
What is the most common type of policy?
Advisory
Who is responsible for Data Classifications?
Data owners
Who handles the Day to Day Data Governance?
Data Steward
A Scheme for classifying Data with Categories?
Taxonomy
HR, Executives, union, ETC…
The Cost of Security of a Risk comes from?
Quantitative analysis
A weakness or lack of a safeguard?
Vulnerability
3 ways to Mitigate Risk?
- Reduce
- Accept
- Transfer
Security Governance is the responsibility of who?
upper management (the Board)
Which standard comes from ISACA?
COBIT
How long is a trademark?
10 years
A dollar figure that represents what the asset is worth to the organization
(AV) Asset Value
What are The Risk control Frameworks?
- COSO
- COBIT
- ISO 27001
- NIST 800-53 (government agencies)
What type of law regulates conduct for companies?
Administrative (regulatory)
minimum acceptable security configuration for a system or process
baseline
How long is the Strategic plan made for?
5 years
Determining which portions of a standard an organization will use?
Scoping
What process finds trust boundaries and data flow paths?
Reduction Analysis
SCI
Sensitive Compartmented Information
A security Camera is what type of control?
Technical Control
Who sets the framework?
upper management (the Board)
Types of intellectual property
- Trade Secrets
- Copyrights
- Trademarks
- Patents
Delphi Technique is part of?
Qualitative Risk Analysis
Vertical Control and Horizontal Control are?
(SCI) Sensitive Compartmented Information Government
The 3 Risk Methodologies?
- OCTAVE
- FRAP
- NIST 800-30