Information Security: Context and Introduction

ISO 27001 of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 4 ISO 27001 of Information Security Context and Introduction

A standard that establishes the requirements for the implementation of an information security management system.

A set of recommendations to secure the information systems of an organisation.

A document that defines the security controls that can be implemented within an information security management system.

A standard that describes the security policies that must be followed at all levels of an organisation.

Guidance on risk assessment.

Descriptions of how to establish and operate an information management system.

Definitions of basic terminology related to information security.

Description and guidance on security controls.

True.

False

None of these answers.

Their ISO 27001 implementation and operation of an information security management system.

Their ISO 27001 implementation of security policies.

Their ISO 27002 implementations of controls.

Question 5

The Plan-Do-Check-Act model establishes a set of tasks that must be executed in cycles. Although this model was used in previous versions of the ISO 27001 standard, it is still valid as an effective approach to implement an effective Information Security Management System (ISMS). In fact, when implementing a ISMS using the Plan-Do-Check-Act (select those that are true):

1 point

The planning stage is limited to the activities related to project planning and management.

The planning stage includes all the activities to determine what is required for the ISMS.

The check stage involves analysing the planned actions to verify if they will meet the security goals of the organisation.

The acting stage involves acting on the findings of the checking stage to address the gaps found.

The acting stage involves executing all the planned actions during the planning phase.

The check phase involves verifying the activities that have been done to check if what was planned was done and what was done meets the security goals of the organisation.

Document control

Encryption.

Internal audits.

Intrusion detection.

Information Security: Context and Introduction

Authentication and Authorisation of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 3 Authentication and Authorisation of Information Security Context and Introduction 1. Question 1 Authentication always requires a password. 1 point True False 2. Question 2 We can consider…

Information Security: Context and Introduction

Access Control of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 3 Access Control of Information Security Context and Introduction 1. Question 1 An access control policy establishes: 1 point The model of access for a specific system. A method…

Information Security: Context and Introduction

System Vulnerabilities of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 3 System Vulnerabilities of Information Security Context and Introduction 1. Question 1 Select the phases of development where a vulnerability can appear: 1 point Design Deployment Implementation Analysis Maintenance

Information Security: Context and Introduction

Law and Regulations of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 4 Law and Regulations of Information Security Context and Introduction 1. Question 1 The implementation of an Information Security Management System requires us to identify the laws and legislations…

Information Security: Context and Introduction

Incident Management of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 4 Incident Management of Information Security Context and Introduction 1. Question 1 Select the items from the list that are considered phases in the management of security incidents. 1…

Information Security: Context and Introduction

Security Controls of Information Security Context and Introduction

ByAdmin August 9, 2021

Week 4 Security Controls of Information Security Context and Introduction 1. Question 1 Select which of the items in the list can be considered as a category of security…

Week 4 ISO 27001 of Information Security Context and Introduction

Similar Posts