(ISC)2

CERTIFIED-IN-CYBERSECURITY · Question #171

CERTIFIED-IN-CYBERSECURITY Question #171: Real Exam Question with Answer & Explanation

The correct answer is C: Information Security Management System (ISMS).

Security Principles

Question

Which is the PRIMARY focus of the ISO 27002 standard?

Options

  • A. Health Insurance Portability and Accountability Act (HIPAA)
  • B. Application Security
  • C. Information Security Management System (ISMS)
  • D. Risk Management

Explanation

ISO 27002 is a supplementary standard that provides implementation guidance for the security controls used to maintain an Information Security Management System (ISMS), as defined in ISO 27001. Among many other areas, these security controls cover application security, so application security is only one part of the standard rather than its primary focus. Risk management is touched on in this standard but is not its primary focus either (it is the focus of the ISO 31000 standard). HIPAA is the United States law that governs the privacy of healthcare information, not an ISO standard.

Topics

ISO 27002, ISMS, Information Security Standards
