
NPTEL Assignment Answers 2023: Cyber Security and Privacy, Week 3


 



Which of the following terms best describe the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?

 Blueprint

 NIST handbook

 An information security framework

 Security plan


The term that best describes the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls is:


An information security framework


An information security framework provides a structured approach and guidelines for designing, implementing, and managing security controls within an organization. It helps ensure consistency and effectiveness in addressing security concerns across various aspects of an organization's operations.






True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.

 True

 False


True.






One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:

 managerial controls

 security domain

 redundancy

 defense in depth


The layered approach to security is referred to as:


Defense in depth






Control Objectives for Information and Related Technologies is a framework created by ------ for information technology (IT) management and -------------

 HIPPA, & Information officer

 ISO, & Security officer

 ISACA, & IT governance

 CISO, & Chief officer


Control Objectives for Information and Related Technologies (COBIT) is a framework created by ISACA (Information Systems Audit and Control Association) for information technology (IT) management and IT governance.






Three approaches to cyber security management are

1. Governance-Risk-Compliance (GRC) approach

2. ---------------------------------------------------

3. Organizational planning approach

 Information-driven approach

 Security-driven approach

 Standards-driven approach

 Procedure-driven approach


The three approaches to cybersecurity management are:


Governance-Risk-Compliance (GRC) approach

Standards-driven approach

Organizational planning approach

Each of these approaches focuses on different aspects of cybersecurity management and helps organizations establish effective security practices.






ISO/IEC 27032:2012 involves guidelines for -----------------

 Network security

 Cyber security

 Risk Management

 Governance of information security


ISO/IEC 27032:2012 involves guidelines for Cyber security. It provides guidance on the protection of information in the context of cyberspace, which includes both the technical and non-technical aspects of cybersecurity.






The five goals of information security governance are

1. -----------------of information security with business strategy to support organizational objectives

2. ---------------- by executing appropriate measures to manage and mitigate threats to information resources

3. -----------------by utilizing information security knowledge and infrastructure efficiently and effectively

4. -----------------by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved

5. -----------------by optimizing information security investments in support of organizational objectives.


A. Strategic alignment

B. Risk management

C. Resource management

D. Performance measurement

E. Value delivery

Match the following

 1-B,2-C,3-D,4-C,5-A,

 1-C,2-B,3-A,4-B,5-E

 1-E,2-C,3-A,4-B,5-D

 1-A,2-B,3-C,4-D,5-E,


The correct match for the five goals of information security governance is:


A. Strategic alignment

B. Risk management

C. Resource management

D. Performance measurement

E. Value delivery





Match ISO Series with the corresponding topic

(A) 27000 (1) Series Overview and Terminology

(B) 27003 (2) Information Security Management Systems Implementation Guidelines

(C) 27004 (3) Information Security Measurements and Metrics

(D) 27005 (4) ISMS Risk Management

(E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS

 A-1, B-2,C-3, D-4, E-5

 A-4, B-2, C-3, D-1, E-5

 A-2,B-1,C-3,D-5,E-4

 A-3,B-2,C-1,D-5,E-4


The correct match for the ISO Series and the corresponding topics is:


A-1, B-2, C-3, D-5, E-4


(A) 27000 - (1) Series Overview and Terminology

(B) 27003 - (2) Information Security Management Systems Implementation Guidelines

(C) 27004 - (3) Information Security Measurements and Metrics

(D) 27005 - (4) ISMS Risk Management

(E) 27006 - (5) Requirements for Bodies Providing Audit and Certification of ISMS






(1)------------------ is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the (2)--------- and (3)-------

 1- ISG 2- CIO, 3- CISO

 1-CO,2, 2-CIO,3- CISO

 1-CISO, 2-CIO, 3-CO

 1-CISO, 2-ISG, 3-CO


The correct option is:


1-CISO, 2-CIO, 3-CO


(1) - Chief Information Security Officer (CISO) is authorized by policy from senior management.

(2) - Chief Information Officer (CIO)

(3) - Chief Operating Officer (CO)





