Security Governance - CORRECT ANSWERS ✔✔- Defines how to ethically align business objectives to laws, standards, or regulations
- Sets the stage for how an organization's management will act in the best interest of the business stakeholders

Aligning Security - CORRECT ANSWERS ✔✔- The security program must support the objectives, principles, and strategies of the organization
- Security must be supported by senior management to be effective
- Top-down approach

Top-down approach - CORRECT ANSWERS ✔✔- Support for security starts with senior management, then middle management, then all other personnel

4 Canons of The Code of Ethics - CORRECT ANSWERS ✔✔1. Protect society, the common good, necessary public trust and confidence, and the infrastructure
2. Act honorably, honestly, justly, responsibly, and legally
3. Provide diligent and competent service to principals
4. Advance and protect the profession

What are the 5 pillars of Information Security? - CORRECT ANSWERS ✔✔1. Confidentiality
2. Integrity
3. Availability
4. Authenticity
5. Nonrepudiation

Confidentiality - CORRECT ANSWERS ✔✔This is the concept of the measures used to ensure the protection of the secrecy of data, objects, or resources.

Integrity - CORRECT ANSWERS ✔✔This is the concept of protecting the reliability and correctness of data.

Availability - CORRECT ANSWERS ✔✔Authorized subjects are granted timely and uninterrupted access to objects.

Authenticity - CORRECT ANSWERS ✔✔This is the security concept that data is authentic or genuine and originates from its alleged source.

Non-repudiation - CORRECT ANSWERS ✔✔Ensures that the subject of an activity or who caused an event cannot deny that the event occurred.

What are the 3 common types of security evaluations? - CORRECT ANSWERS ✔✔1. Risk assessment