Cybersecurity Architecture and Engineering (kfo1/d488) – Question Study Guide with Answers & Full Explanations
Question 1
Which framework provides a structured approach to aligning
business goals with security architecture using six layers
(contextual, conceptual, logical, physical, component,
operational)?
A) TOGAF
B) SABSA (Sherwood Applied Business Security Architecture)
C) Zachman Framework
D) ISO 27001
Answer: B) SABSA
Rationale: SABSA is a business-driven security architecture
framework that uses six layers (contextual, conceptual, logical,
physical, component, operational) to map business requirements
to security services. It focuses on delivering business value rather
than just technical controls.
Question 2
In the SABSA framework, which layer defines "who" the
architecture serves (stakeholders, business drivers, risk appetite)?
A) Contextual Layer
B) Conceptual Layer
C) Logical Layer
D) Physical Layer
Answer: A) Contextual Layer
Rationale: The Contextual Layer (layer 1) answers "Why?" and
defines business requirements, stakeholders, risk appetite, and
regulatory drivers. The Conceptual Layer answers "What?"
(strategy), Logical answers "How?" (architecture), Physical
answers "Where?" (implementation), Component answers "Who?"
(details), and Operational answers "When?" (processes).
Question 3
Which architectural framework provides a common language for
describing enterprise architecture using 36 cells (6 rows × 6
columns)?
A) SABSA
B) TOGAF (The Open Group Architecture Framework)
C) Zachman Framework
D) DoDAF
Answer: C) Zachman Framework
Rationale: The Zachman Framework is a schema for organizing
architectural artifacts using six interrogatives (What, How,
Where, Who, When, Why) and six perspectives (Planner,
Owner, Designer, Builder, Subcontractor, Enterprise). It does not
prescribe methodology but provides classification.
Question 4
TOGAF's Architecture Development Method (ADM) includes which
phase that defines the target architecture and performs gap
analysis?
A) Preliminary Phase
B) Phase B (Business Architecture)
C) Phase C (Information Systems Architecture)
D) Phase E (Opportunities and Solutions)