In this lab, you defined COBIT P09, you described COBIT P09’s six control object
Question
In this lab, you defined COBIT P09, you described COBIT P09’s six control objectives, you explained how the threats and vulnerabilities align to the definition for the assessment and management of risks, and you used COBIT P09 to determine the scope of risk management for an IT infrastructure.
Lab Assessment Questions & Answers
1. What is COBIT P09’s purpose?
2. Name three of COBIT’s six control objectives.
3. For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure?
4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk.
5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?
6. Describe three of the COBIT P09 control objectives.
7. Describe three of the COBIT P09.1 IT Risk Management Framework control objectives.
Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual
Explanation / Answer
1. What is COBIT P09’s Purpose?
Answer:
The purpose of COBIT is to provide management and business process owners with an information technology (IT) governance model that helps in delivering value from IT and understanding and managing the risks associated with IT. COBIT helps bridge the gaps amongst business requirements, control needs and technical issues. It is a control model to meet the needs of IT governance and ensure the integrity of information and information systems.
2. Name three of COBIT’s six control objectives
Answer:
a. Plan and Organize
b. Acquire and Implement
c. Monitor and Evaluate
3. For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure?
Answer:
Denial of service attack - close the ports and change the passwords.
Loss of Production Data - Back up the data and restore the data from the most recent known safe point.
Unauthorized access Workstation - Implement a policy where employees have to adjust their passwords every sixty days and that they must set a screen lockout when they step away from their workstation.
4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk
Answer:
True
Explanation:
COBIT P09 risk management control objectives focus on assessment and management of IT risk.
5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?
Answer:
Information Systems Audit and Control Association (ISACA)
6. Describe three of the COBIT P09 control objectives
Answer:
The framework documents a common and agreed-upon level of IT risks, mitigation strategies and residual risks.
Any potential impact on the goals of the organization caused by an unplanned event is identified, analyzed and assessed.
Risk mitigation strategies are adopted to minimize residual risk to an accepted level.
7. Describe three of the COBIT P09.1 IT Risk Management Framework control objectives.
Answer:
Hazard Management structure control goals would be to first ensure that the danger administration is completely presented in the organization technique both inside and external and that it is always associated. Second to perform hazard appraisals and third to recommend and pass on the danger activity arrangement.