往期回顾
CISSP最新官方习题集(中英对照)领域(1):安全与风险管理
CISSP最新官方习题集(中英对照)领域(2):资产安全
国际信息安全CISSP认证考试独家资料:独家笔记
The organization that Chris belongs to uses the following classification process
Chris所属的组织使用以下分类过程:
1. Criteria are set for classifying data.
2. Data owners are established for each type of data.
3. Data is classified.
4. Required controls are selected for each classification.
5. Baseline security standards are selected for the organization.
6. Controls are scoped and tailored.
7. Controls are applied and enforced.
8. Access is granted and managed.
1.设置数据分类标准。
2.为每种类型的数据建立数据所有者。
3.对数据进行分类。
4.为每个分类选择所需的控制措施。
5.为组织选择了基线安全标准。
6.对控制措施规划范围和裁剪。
7.实施和执行控制措施。
8.授予并管理访问权限。
1. If Chris is one of the data owners for the organization, what steps in this process is he most likely responsible for?()
A. He is responsible for steps 3, 4, and 5.
B. He is responsible for steps 1, 2, and 3.
C. He is responsible for steps 5, 6, and 7.
D. All of the steps are his direct responsibility.
如果Chris是组织的数据所有者之一,那么他最有可能负责此过程中的哪些步骤?
A. 他负责步骤3、4和5
B. 他负责步骤1、2和3
C. 他负责步骤5、6和7
D. 所有步骤都是他的直接责任
2. Chris manages a team of system administrators. What data role are they fulfilling if they conduct steps 6, 7, and 8 of the classification process?()
A. They are system owners and administrators.
B. They are administrators and custodians.
C. They are data owners and administrators.
D. They are custodians and users.
克里斯管理着一个系统管理员团队。如果他们执行分类流程的步骤6、7和8,他们扮演的是什么角色?()
A. 系统所有者和管理员。
B. 管理员和保管员
C. 数据所有者和管理人员
D. 保管员和使用者
3. If Chris’s company operates in the European Union and has been contracted to handle the data for a third party, what role is his company operating in when it uses this process to classify and handle data?
A. Business owners
B. Mission owners
C. Data processors
D. Data administrators
如果Chris的公司在欧盟运营,并且已经签约为第三方处理数据,那么在使用此流程对数据进行分类和处理时,他的公司将扮演什么角色?
A. 企业主(业务所有者)
B. 使命所有者(任务所有者)
C. 数据处理者
D. 数据管理员