Apart from security requirements internal to the organisation, what other strategic goals should a Data Security Management system address?除了企业内部安全需求之外,哪些战略目标需要数据安全管理系统支撑?:()?
(A)None of these所有选项均不正确
(B)Compliance with ISO27001 and HIPPA兼容ISO27001和HIPPA
(C)Compliance with ISO29100 and PCI-DSS兼容ISO29100和PCI-DSS
(D)Regulatory requirements for privacy and confidentiality AND Privacy and Confidentiality needs of all stakeholders对于监管上要求的机密与私隐,和所有利害关系人要求的机密与私隐
(E)Ensuring the organization doesn't engage in SPAM marketing确保企业不会使用垃圾邮件做市场推广 答案解析: 该题又是典型的,题目考的是顶层设计能力,答案是微观的能力混淆大家视线。要支撑题目所说的战略目标,应该也需要一些顶层的安全设计考虑,大家看“Compliance with ISO29100 and PCI-DSS”与“Compliance with ISO27001 and HIPPA”,明显就是具体的动作,这种动作无穷无尽,因此他们俩不能选,又因为他们俩不能选,所以“None of these”肯定也不能选至于“Ensuring the organization doesn‘t engage in SPAM marketing”,也是一个相对落地的政策需求,另外,要发垃圾邮件,安全管理系统也无法进行支撑。所以,“Regulatory requirements for privacy and confidentiality AND Privacy and Confidentiality needs of all stakeholders”答案是所有答案中较好的一个,提的也是一些顶层的安全设想,虽然也不完美这题属于DAMA中那10%的困难题目。
更多CDMP数据治理试题
- 1One of the difficulties when integrating multiple source systems is:对于集成多个原始系统的困难点在于::()?
- 2Which of the following statements about business rules is FALSE?下面哪一项对于业务规则的描述是错误的?:()?
- 3Which of the following statements about a data warehouse is NOT true?下列关于数据仓库的陈述中哪一项是不正确的?:()?
- 4Which of these is NOT a typical activity in Data Quality Management?下面哪一个不是典型的数据质理管理活动?:()?
- 5Complete the following statement: A business rule...完成下面的陈述:业务规则…:()?
- 6The role of the Physical data model in the Metadata repository is物理数据模型在元数据库中的作用是::()?
