1. Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
2. Controls that implement access control - password management - identification and authentication methods - configuration
3. Ensures management security directives are fulfilled
4. IRM
5. Guide to assist in the implementation of information security based on a risk management approach
6. Event levels available for logging in a MS DNS server
7. IT governance at the operational level
8. Controls that include policies - standards - procedures - risk management - personnel screening - training - change control
9. Process of ID and assessing risk - reducing to acceptable level - implementing mechanisms to maintain.
10. Establish - implement - control and improve the Information Security Management System (based on BS7799 Part 2)
11. Used in assurance risk mgmt - methodical way to ID major failure modes (not useful for complex failure modes)
12. Responsible for communicating to senior mgmt organizational risks and compliance regulations
13. Security policy - map business objectives to security - Security infrastructure - security officer - reviews - Asset classification/control - inventory - Personnel security - screening - training - roles - Physical security - Communication/operation
14. Guide to illustrate how to protect personal health information
15. Used to predict changes based on trends - detect deviations - and watch events across multiple system components
16. HP OpenView - Nmap - Qualys - Solana Networks - SolarWinds are all network _____________
17. Plan and Organize - Implement - Operate and Maintain - Monitor and Evaluate
18. Tools to ID - develop - and design security requirements for business needs
19. A log that can record outgoing requests - incoming traffic - and internet usage
20. A plan of action to deal with risks defined in the risk assessment - may remediate or transfer risk
21. An open language from mitre.org for determining vulnerabilities and problems on computer systems
22. An instance of being exposed to losses from a threat
23. Strategic - tactical and operational planning
24. Ensures necessary level of secrecy and prevents unauthorized disclosure
25. Developed by the Treadway Commission in 1985 to deal with fraudulent financial activities and reporting
26. Daily goals focused on productivity and task-oriented activities
27. Type of audit that checks information classification and change control procedures
28. Framework/set of best practices that define goals for controls used to properly manage IT and to ensure IT maps to business needs
29. Risk mgmt method created by Carnegie Mellon University - people manage/direct the risk evaluation for IT security in a company