Posted on 2016-7-12 16:29:08
ISO 27002: is this the question?

Which three statements regarding ISO 27002 and COBIT are correct? (Choose three.)

A. COBIT and ISO 27002 both define a best practices framework for IT controls.
B. COBIT focuses on information system processes, whereas ISO 27002 focuses on the security of the information systems.
C. ISO 27002 addresses control objectives, whereas COBIT addresses information security management process requirements.
D. Compared to COBIT, ISO 27002 covers a broader area in planning, operations, delivery, support, maintenance, and IT governance.
E. Unlike COBIT, ISO 27002 is used mainly by the IT audit community to demonstrate risk mitigation and avoidance mechanisms.

Answer: ABC