Exam (elaborations)
(ISC)2, CSA, NIST, ISO, and More: A Comprehensive Guide to Security Certifications and Standards
- Course
- Institution
(ISC)2, CSA, NIST, ISO, and More: A Comprehensive Guide to Security Certifications and Standards
[Show more]
Content preview
Name: Score:80 Multiple choice questions
Term 1 of 80
ISO/IEC 27034-1
Mandates framework for application security within an organization
Regulates protection of PII in healthcare and healthcare insurance industries
Standard providing principles and guidelines on risk management
Requires financial companies to safeguard customer data
Definition 2 of 80
Concept of ISO 27034: Multiple ANFs for applications
Recovery time objective (RTO)
Application Normative Framework (ANF)
Standard Application Security (SAS)
Organizational Normative Framework (ONF)
Definition 3 of 80
Best practices for information security controls
Uptime Institute
ISO/IEC 27002
ISO/IEC 27001
ISO/IEC 28000:2007
,Definition 4 of 80
Mean time to repair, time to restore a system after an outage
OSHA
USPTO
SABSA
RTO
Term 5 of 80
SOC 1 Report
Standard for security assurance in the supply chain
Focuses on controls associated with financial services
Reports on confidentiality, processing integrity, availability, privacy, and security
Best practices for information security controls
Definition 6 of 80
European Union Agency for Cybersecurity, publishes top threats each year
COBIT
ENISA
PCI DSS
LDAP
, Definition 7 of 80
Monitors network activity between users and cloud applications, enforces security policy, and
blocks malware
Cloud Access Security Brokers (CASBs)
Capability Maturity Model (CMM)
Cloud Security Alliance Cloud Controls Matrix (CSA CCM)
US Office of Management and Budget (OMB)
Term 8 of 80
International Standards Organization (ISO)
Audit reports for establishing trust and confidence in service delivery
International standards body
American Society of Heating, Refrigerating and Air-Conditioning Engineers
Nonprofit organization improving software security, known for top 10 web application
security concerns
Definition 9 of 80
Framework containing multiple application security best practices
Recovery time objective (RTO)
Organizational Normative Framework (ONF)
Mean time between failure (MTBF)
ISACA's COBIT
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller stuuviaa. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
77858 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now