Which of the following provides advice about the

We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
CompTIA Security+ Guide to Network Security Fundamentals
The document you are viewing contains questions related to this textbook.
Chapter 12 / Exercise 6
CompTIA Security+ Guide to Network Security Fundamentals
Ciampa
Expert Verified
19. Which of the following provides advice about the implementation of sound controls and control objectives for InfoSec, and was created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute?
a. COBIT
b. COSO
c. NIST
d. ISO
ANS: A
PTS: 1 REF: 236-237

20. The COSO framework is built on five interrelated components. Which of the following is NOT one of them?
PTS: 1 REF: 238-239

COMPLETION

1. To design a security blueprint, an organization can use a(n) ____________________, which is a generic blueprint offered by a service organization.
PTS: 1 REF: 213

2. ISO/IEC 27001 provides implementation details using a(n) ____________________ cycle.
PTS: 1 REF: 229

3. The ____________________ principle is based on the requirement that people are not allowed to view data simply because it falls within their level of clearance.
PTS: 1 REF: 217

4. ____________________ channels are unauthorized or unintended methods of communications hidden inside a computer system, and include storage and timing channels.
PTS: 1 REF: 220

5. In the COSO framework, ___________ activities include those policies and procedures that support management directives.
PTS: 1 REF: 238

MATCHING

a. blueprint
b. DAC
c. content-dependent access controls
d. rule-based access controls
e. separation of duties
f. sensitivity levels
g. storage channels
h. task-based controls
i. timing channels
j. TCB

1. controls where access to a specific set of information may be dependent on its content
2. One of the TCSEC’s covert channels, which transmit information by managing the relative timing of events
3. ratings of each collection of information as well as each user
4. sets out the model to be followed in the creation of the design of security controls
5. a type of data access control in which individuals are allowed to use data, based on their job responsibilities
6. the combination of all hardware, firmware, and software responsible for enforcing the security policy
7. requires that significant tasks be split up in such a way that more than one individual is responsible for their completion.
8. controls implemented at the discretion or option of the data user
9. one of the TCSEC’s covert channels, which communicate by modifying a stored object
10. access is granted based on a set of rules specified by the central authority

1. ANS: C PTS: 1 REF: 219
PTS: 1 REF: 221
PTS: 1 REF: 214
PTS: 1 REF: 212
PTS: 1 REF: 218
PTS: 1 REF: 220
PTS: 1 REF: 214
PTS: 1 REF: 219
PTS: 1 REF: 220
PTS: 1 REF: 219

SHORT ANSWER

1. Access controls are built on three key principles. List and briefly define them.
