Practice Test Question-Cybersecurity Standards

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Which one of the following industry standards describes a standard approach for setting up an information security management system?

A. CIS
B. ISO 27002
C. OWASP
D. ISO 27001

Correct Answer: D

ISO 27001 describes a standard approach for setting up an information security management system, making it our correct answer here. ISO 27002 goes into more detail on the specifics of information security controls, which is not what we are looking for. The Center for Internet Security (CIS) produces a set of configuration benchmarks used to securely configure operating systems, applications, and devices, which is an incorrect answer. The Open Web Application Security Project (OWASP) provides advice and tools focused on web application security, another incorrect answer here.

Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
