Mastering Cybersecurity Standards

Questions and Answers

Which of the following is mentioned as an existing cybersecurity standard?

• Standard of Good Practice for Information Security
• The ISO 27000 suite of information security standards
• The CIS Critical Security Controls For Effective Cyber Defense
• All of the above (correct)

Which of the following is NOT mentioned as an objective of this document?

• Compare standards with each other
• Present an overview of existing cybersecurity standards
• Understand the importance of certification
• Present an overview of the various security controls covered by standards (correct)

What is the purpose of the Payment Card Industry Data Security Standard (PCI DSS)?

• To understand the importance of certification
• To provide an overview of existing cybersecurity standards
• To ensure the security of payment card data (correct)
• To compare standards with each other

Which organization is responsible for the development of the ISO 27000 suite of information security standards?

The International Organization for Standardization (ISO) (D)

What is the main focus of the CIS Critical Security Controls For Effective Cyber Defense?

To provide a prioritized approach to cybersecurity (D)

Which of the following is NOT mentioned as an existing cybersecurity standard?

Payment Card Industry Data Security Standard (PCI DSS) (D)

What is the main focus of the Standard of Good Practice for Information Security?

Management of a cybersecurity system (B)

Which organization is responsible for the development of the ITU-T security documents?

International Telecommunication Union (ITU-T) (C)

What is the importance of certification in cybersecurity standards?

Validation of compliance with standards (A)

What is the purpose of the CIS Critical Security Controls For Effective Cyber Defense?

Implementation of a cybersecurity program (C)

Flashcards are hidden until you start studying