Questions with complete verified solutions (graded A+)
International Standards Organization (ISO) - answer is an international
standards body composed of representatives from various standards
organizations.
ISO/IEC 27001 - answer Standard on managing Information Security. It
includes requirements for establishing, implementing, maintaining, and
continually improving information management.
ISO/IEC 27002 - answer provides best practices on information security
controls for those attempting to comply with ISO/IEC 27001.
ISO/IEC 27017 - answer created to supplement ISO/IEC 27002 to
provide additional security controls for the cloud.
ISO/IEC 27018:2014
ISO/IEC 27018:2019 - answer IT Security techniques. Code of practice
for protection of PII in public clouds.
ISO/IEC 27034-1 - answer mandates a framework for application
security within an organization.
ISO/IEC 28000:2007 - answer standard for ensuring security assurance
in the supply chain.
ISO/IEC 31000:2009 - answer standard providing industry independent
principles and guidelines on risk management.
NIST - answer National Institute of Standards and Technology is an
agency of the Department of Commerce whose mission is to promote
innovation and industrial competitiveness. It also creates numerous
standards and requirements for the DoD, Federal Government, and
government contractors relating to cybersecurity.
NIST SP 800-37 - answer Risk Management Framework using a life cycle
approach for security and privacy.
NIST SP 800-53 - answer provides security and privacy controls for
information systems and organizations.
NIST SP 800-92 - answer Guide to Computer Security Log Management
ISO 27034 - answer There is only one ONF for an organization but
potentially as many ANFs as applications.
- Application Normative Framework (ANF)
- Organizational Normative Framework (ONF)
ASHRAE - American Society of Heating, Refrigerating and Air-Conditioning
Engineers - answer is an American professional association seeking to
advance heating, ventilation, air conditioning and refrigeration systems
design and construction.
Biba - answer an access control model designed to preserve data
integrity. It has 3 goals. Maintain internal and external consistency;
prevent unauthorized data modification even by authorized parties;
prevent data modification by unauthorized individuals.
Capability Maturity Model (CMM) - answer is a development model
where the maturity relates to the formality and optimization of
processes. When applied to cloud security it would focus on those
aspects as they relate to cloud security.