Question
The COSO framework is built on five interrelated components. Which of the following is NOT one of them? a. Control environment b. Control activities c.
The COSO framework is built on five interrelated components. Which of the following is NOT one of them?
| a. | Control environment | |
| b. | Control activities | |
| c. | Risk assessment | |
| d. | InfoSec Governance |
Which type of access controls can be role-based or task-based?
| a. | content-dependent | |
| b. | nondiscretionary | |
| c. | discretionary | |
| d. | constrained |
Which of the following is NOT a category of access control?
| a. | mitigating | |
| b. | compensating | |
| c. | preventative | |
| d. | deterrent |
Which of the following is the primary purpose of ISO/IEC 27001:2005?
| a. | Use within an organization to formulate security requirements and objectives | |
| b. | Use within an organization to ensure compliance with laws and regulations | |
| c. | Implementation of business-enabling information security | |
| d. | To enable organizations that adopt it to obtain certification |
Which of the following is NOT a change control principle of the Clark-Wilson model?
| a. | No unauthorized changes by authorized subjects | |
| b. | No changes by unauthorized subjects | |
| c. | No changes by authorized subjects without external validation | |
| d. | The maintenance of internal and external consistency |
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started