
5_2_2 Section 5 – Governance, Risk, and Compliance - 5.2 – Regulations, Standards, and Frameworks - Security Frameworks

UnmatchedMandolin

22 Questions

What is the name of the auditing standard that focuses on reports related to trust services criteria or security controls?

SSAE 18

What is the name of the report suite that focuses on security controls and trust services criteria?

SOC 2

What type of audit examines the controls in place at a particular date and time?

Type I Audit

What is the minimum period required for a Type II audit?

6 consecutive months

What is the name of the not-for-profit organization that focuses on security in the cloud?

Cloud Security Alliance

What is the name of the framework created by the Cloud Security Alliance?

Cloud Controls Matrix Framework

What is one major challenge when trying to secure an organization's data?

Adapting to unique organizational requirements

What can security frameworks help you with?

Understanding security processes and building them from scratch

Why might you need to refer to security frameworks?

To prioritize security projects and tasks

What is one benefit of using security frameworks?

They help you build security processes from scratch

What is unique about each organization's security needs?

The industry or line of work they are in

What can security frameworks help you understand?

Different security processes available

What is the main focus of the CIS Critical Security Controls (CSC)?

To improve the security posture of an organization.

Which framework is required for United States Federal Government Agencies?

NIST Risk Management Framework (RMF)

What is the main difference between the NIST RMF and NIST CSF?

RMF is for federal government agencies, while CSF is for commercial implementations.

What are the three major areas of the NIST Cybersecurity Framework (CSF)?

Framework Core, Framework Implementation Tiers, Framework Profile

What is the purpose of the ISO/IEC 27001 standard?

To establish a standard for Information Security Management Systems (ISMS).

What is the focus of the ISO/IEC 27701 standard?

Privacy Information Management Systems (PIMS)

What is the main purpose of the CIS Critical Security Controls (CSC)?

To improve the security posture of an organization.

What is unique about the CIS Critical Security Controls (CSC)?

It provides different recommendations depending on the size of the organization.

What is the SSAE SOC 2 typically associated with?

Auditing and compliance

How many steps are in the NIST Risk Management Framework (RMF)?

6 steps

Get started with IT security and learn best practices to secure an organization's data. Discover frameworks that provide valuable information and guidance. Every organization is unique, but this quiz will set you on the path to providing additional security today.
