Domain 1: Security and Risk Management - Security Frameworks - Enterprise Architecture Development

35 important questions on Domain 1: Security and Risk Management - Security Frameworks - Enterprise Architecture Development

Which two approaches are there when securing an organization?

1. Ad hoc approach
2. Enterprise security architecture

What is the OSI model?

This is an abstract model used to illustrate the architecture of a networking stack.

What is the difference between an architecture framework and an actual architecture?

The framework is used as a guideline on how to build an architecture that best fits your company's needs.

Why do companies have different architectures?

Different:
1. Business drivers
2. Security and regulatory requirements
3. Cultures
4. Organizational structures

What's the first step in developing an architecture?

Identify the stakeholders

What's the second step of developing an architecture?

The different viewpoints within the organization.

What are the advantages of using an enterprise architecture?

1. It gives you insight into the company from several different views.
2. It gives you insight into how a change on one level will affect items at other levels. Example: Will new networking devices be required when I change the level above?

Why do we need enterprise architecture frameworks?

Because business people and technology people use a lot of different words to explain things, and because organizations around the world have implemented incorrect solutions when the translation of business functionality into technical specification requirements was not understood.

What law was introduced in the U.S. to minimize the failure cost of implementing the wrong systems and applications?

Clinger-Cohen Act for federal agencies to improve their IT expenditures.

Which enterprise architecture framework was one of the first to be introduced, and by whom?

Zachman architecture framework by John Zachman

During which period was the Zachman architecture framework developed?

1980s

What is the goal of the Zachman framework?

To be able to look at the same organization from different viewpoints

Who created the TOGAF framework?

U.S. Department of Defense

In which way can individual architecture types be created by TOGAF?

With the use of the Architecture Development Method (ADM)

What is the DoDAF framework good at?

Spanning many different complex government agencies to allow interoperability and proper hierarchical communication channels.

On which 7 areas does the focus of DoDAF lie?

The focus lies on:
1. Command
2. Control
3. Communications
4. Computer
5. Intelligence
6. Surveillance and reconnaissance systems
7. Processes

What is a very important aspect for DoDAF to work properly?

That different devices communicate using the same protocol types and interoperable software components and also using the same data elements.

Who developed the MODAF?

British MOD

Besides military purposes, what else are DoDAF and MODAF used for?

For enterprise environments

How do you determine which framework is best for your organization?

By finding out who the stakeholders are and what information they need from the architecture and how the architecture would provide this information.

What is the enterprise security architecture about?

It's a subset of the enterprise architecture and defines the information security strategy, which consists of layers of solutions, processes, and procedures and the way they are linked across an enterprise strategically, tactically, and operationally.

What does ISMS stand for?

Information Security Management System

What is the main reason to develop an enterprise security architecture?

To ensure that security efforts align with business practices in a standardized and cost-effective manner. The architecture works at an abstraction level and provides a frame of reference.

Why do many organizations not develop and roll out an enterprise security architecture?

Because they do not fully understand what one is and the task seems overwhelming. Fighting fires is more understandable and straightforward, so many companies stay with this familiar approach.

What does SABSA stand for?

Sherwood Applied Business Security Architecture

SABSA provides a life-cycle model, what is meant by that?

The architecture can be constantly monitored and improved upon over time by using this model.

Which 4 things are important to understand in order to develop and implement a successful enterprise security architecture?

1. Strategic alignment
2. Business enablement
3. Process enhancement
4. Security effectiveness

What is meant by strategic alignment?

It means the business drivers and the regulatory and legal requirements are being met by the security enterprise architecture.

Security efforts need to provide survival for a company, but also...

They need to enable the company to thrive.

What does Business Enablement mean?

The core business processes are integrated into the security operating model. They are standards-based and follow risk tolerance criteria.

What is meant by process reengineering?

In organizations, duplicated processes can take place. It may be possible to automate manual steps, or there may be ways to streamline and reduce the time and effort involved in certain tasks. This is called process reengineering.

What is meant by process enhancement?

The effort put into taking the chance to enhance and improve upon processes in order to increase productivity.

What is Security Effectiveness about?

It deals with:
1. Metrics
2. Meeting service level agreement (SLA) requirements
3. Achieving a return on investment (ROI)
4. Meeting set baselines
5. Providing management with a dashboard or a balanced scorecard system

These are ways to determine how well the current security solutions and the architecture as a whole are performing. Are the controls in place providing the necessary level of protection?

What are the differences between Enterprise and system architectures?

1. Enterprise architecture addresses the structure of an organization.
2. System architecture addresses the structure of software and computing components.

What layers should the rules within an organizational security policy support?

1. Application code
2. The security kernel of the OS
3. Hardware security provided by the computer's CPU
