首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
ISO/IEC 27000 is part of a growing family of ISO/IEC information security management systems (ISMS) standards. It comprises info
ISO/IEC 27000 is part of a growing family of ISO/IEC information security management systems (ISMS) standards. It comprises info
admin
2013-12-19
76
问题
ISO/IEC 27000 is part of a growing family of ISO/IEC information security management systems (ISMS) standards. It comprises information security standards published jointly by the International Organization for Standardization(ISO) and the International Electro-technical Commission (IEC). Which of the following provides an incorrect mapping of the individual standards that make up this family of standards?
选项
A、ISO/IEC 27002 Code of practice for information security management
B、ISO/IEC 27003 Guideline for ISMS implementation
C、ISO/IEC 27004 Guideline for information security management measurement and metrics framework
D、ISO/IEC 27005 Guideline for bodies providing audit and certification of information security management systems
答案
B
解析
D正确。ISO/IEC 27005标准是信息安全风险管理的指南。ISO/IEC 27005是一个描述在信息安全管理系统(ISMS)框架内如何进行风险管理的国际标准。
A不正确。因为ISO/IEC 27002是信息安全管理的行为准则,因此,它的映射关系是正确的。ISO/IEC 27002提供了与信息安全管理系统(ISMS)的初始化、实施或维护相关的最佳行为推荐和指南。
B不正确。因为ISO/IEC 27003是ISMS的实施指南,因为它的映射关系是正确的。ISO/IEC 27003关注的是根据ISOflEC 27001:2005成功设计和实施信息安全管理系统(ISMS)所需要的关键方面。ISO/IEC 27003描述了ISMS规范和设计从构思到执行计划的过程。
C不正确。因为ISO/IEC 27004是信息安全管理策略和度量框架的指南,因为它的映射是正确的。正如ISO/IEC 27001中所述,ISO/IEC 27004在评估已实施的信息安全管理系统(ISMS)和控制(或控制分组)有限性方面提供了开发与使用评价和测量方法的指导。
转载请注明原文地址:https://www.kaotiyun.com/show/HNhZ777K
0
CISSP认证
相关试题推荐
AsformercolonistsofGreatBritain,theFoundingFathersoftheUnitedStatesadoptedmuchofthelegalsystemofGreatBritai
Individualsandbusinesseshavelegalprotectionforintellectualpropertytheycreateandown.Intellectualproper【C1】______fro
School-agechildrenshouldparticipatein60minutesormoreofmoderatetovigorousphysicalactivitydaily,accordingtoanex
Writeanessayof160-200wordsbasedonthefollowingdrawing.Inyouressay,youshould1)describethedrawingbriefly,
Twomonthsago,yougotajobasaconsultantforHumanResourceServiceCompany.Butnowyoufindthattheworkisnotwhatyou
DespiteincreasedairportsecuritysinceSeptember11th,2001,thetechnologytoscanbothpassengersandbaggageforweaponsan
Howmenfirstlearnedtoinventwordsisunknown;inotherwords,theoriginoflanguageisamystery.Allwereallyknowistha
Gradeinflation—thegradualincreaseinaverageGPAs(grade-pointaverages)overthepastfewdecades—isoftenconsideredaprod
Twentyyearsagoadebateeruptedaboutwhethertherewerespecific"Asianvalues".Butamoreintriguing,iflessnoticed,arg
YouaretheadministratorofaSQLServer2000computer.Youarecreatingadatatransformationservicespackage.Asthefirsts
随机试题
若沉降室高度降低,则沉降时间(),生产能力()。
管理的核心是()
A.苯丙酮尿症B.半乳糖血症C.先天性甲状腺功能减低症D.21-三体综合征E.肝豆状核变性F.糖原累积病G.粘多糖病H.枫糖血症
患牙浮起、松动,局部黏膜明显红肿,伴全身不适、发热及淋巴结肿大。X线片示根尖周投射影。镜下见根尖周牙周膜坏死、液化形成大脓肿,周围牙槽骨骨髓腔中较多中性粒细胞浸润。这是
雷某的行为触犯了哪些罪名?()关于本案的自首,以下说法中错误的有哪些?()
对于确实无法收回的应收款项,应当冲销提取的坏账准备,借记“坏账准备"账户,贷记“应收账款”、“其他应收款”等账户。()
年终总结不仅仅是工作单位绩效考核的依据,更主要的是员工个人对于一年来工作的回顾和_________。如果只是_________,草草了事,绝对是没有意义的。依次填入画横线部分最恰当的一项是()。
美丽乡村要金山银山,也要绿水青山,绿水青山就是金山银山,请以此为角度进行演讲。
AnIndiananthropologist.ChandraThapar,madeastudyofforeigncultures,whichhadcustomssimilarto【1】ofhisnativeland.O
Youcanspottheminthegrocerystore.They’rethemomswiththeshoppingcartcoverthat’ssupposedtoprotectbabiesfroml
最新回复
(
0
)
