SABSA - Risk & Policy Management Architecture -(Questions With Comprehensive Solutions)

SABSA - Risk & Policy Management Architecture -
(Questions With Comprehensive Solutions)

What is the Risk Level (WHY (Motivation) for the Logical Layer in SABSA
Correct Answer - Business risks and opportunities are assigned to Logical
Domain

What is the Policy Level (WHY (Motivation) for the Logical Layer in SABSA?
Correct Answer - The appetite and strategy are articulated in Logical Policy

What is the Control Level (how(process) for the Logical Layer in SABSA
Correct Answer - Security Services are used to implement policies in the
logical layer.

What is managed at the Logical Layer in SABSA Correct Answer - The
Management of Security Services is handled at this layer.

What is the Risk Level for the Physical Layer in SABSA Correct Answer -
Risks and opportunities are related to the Physical Environment and
Infrastructure Domains.

What is the Policy Level for the Physical Layer in SABSA Correct Answer -
Managed through Physical Procedures derived from the policy in the logical
layer.

What is the Control Level for the Physical Layer in SABSA Correct Answer -
Security Mechanisms are used to implement physical policies.

What is managed at the Physical Layer in SABSA Correct Answer - The
Management of Infrastructure and Environment is handled at this layer.

What is the Risk Level for the Component Layer in SABSA Correct Answer -
Risks and opportunities are related to System Components and
Configurations.

What is the Policy Level for the Component Layer in SABSA Correct Answer
- Managed by Standards for Tools and Products.

, What is the Control Level for the Component Layer in SABSA Correct
Answer - Security Components are used to implement component-level
controls.

What is managed at the Component Layer in SABSA Correct Answer - The
Management of Components, Products, and Standards is handled at this layer.

What are the business risks & opportunities at the Logical Level Correct
Answer - Business risks and opportunities in logical domains relate to
strategic concerns, business operations, and information flow security.

How are business risks managed at the Logical Policy Level? Correct
Answer - Risks are managed through Logical Policies, which outline the risk
appetite and strategy for handling business risks in logical domains.

What controls are deployed at the Logical Control Level? Correct Answer -
Security Services are deployed to enforce logical policies and mitigate risks
related to information flows, trust relationships, and business operations.

How are security services managed at the Logical Level? Correct Answer -
Management of Security Services ensures that logical policies and controls are
properly implemented and maintained across business operations.

What are the risks & opportunities at the Physical Level? Correct Answer -
Risks and opportunities relate to the physical environment and infrastructure
domains, such as hardware, facilities, and network infrastructure
vulnerabilities.

How are physical risks managed at the Physical Policy Level? Correct
Answer - Risks are managed by Physical Procedures that are derived from the
logical policies and govern the infrastructure and physical domains.

What security mechanisms are used at the Physical Control Level Correct
Answer - Security Mechanisms such as firewalls, intrusion detection systems,
and physical access controls are deployed to secure the infrastructure and
physical environment.

How are security mechanisms managed at the Physical Level Correct
Answer - Management of Infrastructure and Environment ensures that