Cobit 5 Study guides, Class notes & Summaries

CISSP PRACTICE TESTS Chapter 2 ▪Asset Security (Domain 2). Questions and answers. VERIFIED. 1. Angela is an information security architect at a bank and has been assigned to ensure that transactions are secure as they traverse the network. She recommends that all transactions use TLS. What threat is the most likely attempting to stop, and what method is she using to proctect against it? A. Man-in-the-middle VPN B. Packet injection, encryption C. Sniffing, encryption D. Sniffing, T...

1. Corporate management (including the CEO) must certify monthly and annually their organization’s internal controls over financial reporting. ANS: F PTS: 1 2. Both the SEC and the PCAOB require management to use the COBIT framework for assessing internal control adequacy. ANS: F PTS: 1 3. Both the SEC and the PCAOB require management to use the COSO framework for assessing internal control adequacy. ANS: F PTS: 1 4. A qualified opinion on management’s assessment of internal control...

How many steps in NIST RMF? Correct Answer 6 Name steps of the NIST RMF Correct Answer 1) Categorize Info Systems 2) Select Security Controls 3) Implement Security Controls 4) Assess Security Controls 5) Authorize Info Systems 6) Monitor Security Controls What are the layers of COBIT? Correct Answer Governance and Management What are the Management layers of COBIT? Correct Answer 1) Align, Plan, and Organize 2) Build, Acquire, and Implement 3) Deliver, Service, and Support 4) Mo...

Business Relationship Manager - correct answer -A role that serves as the strategic interface between a Provider, and one or more Business Partners to stimulate, surface and shape business demand for the Provider's products and services and ensure that the potential business value from those products and services is captured, realized, optimized and recognized. Three Perspectives of BRM - correct answer -- Role (duties and responsibilities) - Discipline (skills, capabilities and knowledge) ...

hat any risk (or opportunity) associated with organizational activities is identified and addressed in a way that supports the organization's business goals Compliance - answerMaking sure that organizational activities are operated in a way that meets the laws and regulations impacting those systems IT Governance - answer1) The processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals 2)A move from ad hoc IT devision making to establishin...

BRMP Certification Exam Questions and Answers 100% VerifiedBRMP Certification Exam Questions and Answers 100% VerifiedBRMP Certification Exam Questions and Answers 100% Verified Business Relationship Manager - ANSWER-A role that serves as the strategic interface between a Provider, and one or more Business Partners to stimulate, surface and shape business demand for the Provider's products and services and ensure that the potential business value from those products and services is captured...

What is the difference between a standard and a policy? Correct Answer Standard = A mandatory action, explicit rules, controls or configuration settings that are designed to support and conform to a policy. A standard should make a policy more meaningful and effective by including accepted specifications for hardware, software or behavior. Standards should always point to the policy to which they relate. Policy = IT policies help organizations to properly articulate the organization's desired ...

WGU C727 - Cybersecurity Management I – Strategic Exam 2022 with complete solution

(ISC)2 - International Information System Security Certification Consortium A security certification granting organization that has a long history of certifications that were difficult to get. This difficulty has made their certificates seen as having higher value in the industry. (ISC)2 Cloud Secure Data Life Cycle Based on CSA Guidance. 1. Create; 2. Store; 3. Use; 4. Share; 5. Archive; 6. Destroy. (SAS) 70 _____ was a recognized standard of the American Institute of Certified Public Acco...

Class 10 Information Systems Auditing Exam 31 Questions with Verified Answers ISACA - CORRECT ANSWER - Information Systems Audit and Control Association •Founded 1969. •An independent, nonprofit, global association that engages in the development, adoption and use of globally accepted, industry leading knowledge and practices for information systems •Provides practical guidance, benchmarks and tools for enterprises that use information systems •It defines the role of governance, s...