System upon ISO/IEC 27001:2013 & 27002:2013
Time: 20 minutes

1. CIA stands for _____ (Les1-7)
a. Collaboration - Information - Availability
b. Collaboration - Information - Access Control
c. Confidentiality - Integrity - Availability
d. Confidentiality - Integrity - Availability

2. ISMS stands for _____ (Les2-3)
a. Information Security Management Security
b. Information System Management Security
c. Information System Management System
d. Information Security Management System

3. The _____ is a model framework for establishing and evaluating information security. (Les1-8)
a. Symmetrical Cube
b. ISO/IEC Cube
c. CIA Triad
d. McCumber Cube

4. _____ is desired goals of [Answer of Question No. 3] (Les1-8)
a. CIA Triad
b. A.C Triad
c. PQE Triad
d. 123 Triad

Pre-Test- 1

5. Which one of the following ISO standards provides the overview of ISMS, and terms & definitions commonly used in the ISMS family of standards? (Les3-4)
a. ISO/IEC 27002:2013
b. ISO/IEC 27000:2014
c. ISO/IEC 27001:2013
d. ISO/IEC 27003:2011

6. Which one of the following ISO standards specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system? (Les3-4)
a. ISO/IEC 27002:2013
b. ISO/IEC 27000:2014
c. ISO/IEC 27001:2013
d. ISO/IEC 27003:2011

7. The following are sections of ISO/IEC 27001:2013, EXCEPT? (Les3-16-17)
a. Context of the organization
b. Information Security Management System - ISMS
c. Leadership
d. Support

8. _____ is code of practice for Information security controls. (Les3-12)
a. ISO/IEC 27002:2013
b. ISO/IEC 27001:2013
c. ISO/IEC 27000:2014
d. ISO/IEC 27006:2011

9. ISO/IEC 27001:2013 has been developed using _____ (Les2-4)
a. Annex SL
b. Annex XL
c. Annex S
d. Annex L

10. The ISO/IEC 27001:2013 sets out the required structured approach to the establishment of an ISMS. It is known as _____ model. (Les3-27)
a. PDCA
b. SDLC
c. Waterfall Model
d. Risk Assessment Model

11. SOA stands for _____ (Les3-27)
a. Statement of Acknowledgement
b. Statement of Availability
c. Statement of Application-State
d. Statement of Applicability

12. _____ is a potential event resulting in loss. (Les6-4)
a. Asset
b. Threat
c. Vulnerability
d. Exploit

13. The following are the risk treatment options, EXCEPT? (Les6-25)
a. Accept
b. Avoid
c. Corrective
d. Transfer

14. _____ is decreasing the capability of a device to the minimum required for its intended purpose. (Les6-4)
a. Asset
b. Mitigation
c. Vulnerability
d. Hardening

15. The following are risk analysis methodologies, EXCEPT? (Choose Two) (Les6-13)
a. Objective Risk Analysis
b. Assets Risk Analysis
c. Qualitative Risk Analysis
d. Quantitative Risk Analysis