Live Virtual Machine Lab 2.2: Module 02 Control Mechanisms, Standards and Frameworks
Which of the following ISO frameworks provides requirements for an information security management system and focuses on managing information security within an organization? 31000; 27701; 27002; 27001
27001
Which of the following standards provides guidelines for hardening a web server? International Organization for Standardization (ISO); Cloud Control Matrix (CCM); Statements on Standards for Attestation Engagements (SSAE); Center for Internet Security (CIS)
Center for Internet Security (CIS)
Which type of control identifies a security risk that might be present in a policy, process, or procedure? Detective; Compensating; Preventative; Deterrent; Corrective
Detective
Which of the following are examples of technical controls? [Choose all that apply] Router; Alarm systems; Dead-bolted steel doors; A non-disclosure agreement (NDA); Firewall
Firewall; Router
Which of the following standards/laws focuses on protecting non-public financial information? GRAMM-LEACH-BLILEY ACT (GLBA); Health Insurance Portability and Accountability Act (HIPAA); US Privacy Act of 1974; Federal Information Security Management Act (FISMA)
GRAMM-LEACH-BLILEY ACT (GLBA)