Apart from security requirements internal to the organisation, what other strategic goals should a Data Security Management system address?除了企业内部安全需求之外,哪些战略目标需要数据安全管理系统支撑?:()?
(A)None of these所有选项均不正确
(B)Compliance with ISO27001 and HIPPA兼容ISO27001和HIPPA
(C)Compliance with ISO29100 and PCI-DSS兼容ISO29100和PCI-DSS
(D)Regulatory requirements for privacy and confidentiality AND Privacy and Confidentiality needs of all stakeholders对于监管上要求的机密与私隐,和所有利害关系人要求的机密与私隐
(E)Ensuring the organization doesn't engage in SPAM marketing确保企业不会使用垃圾邮件做市场推广 答案解析: 该题又是典型的,题目考的是顶层设计能力,答案是微观的能力混淆大家视线。要支撑题目所说的战略目标,应该也需要一些顶层的安全设计考虑,大家看“Compliance with ISO29100 and PCI-DSS”与“Compliance with ISO27001 and HIPPA”,明显就是具体的动作,这种动作无穷无尽,因此他们俩不能选,又因为他们俩不能选,所以“None of these”肯定也不能选至于“Ensuring the organization doesn‘t engage in SPAM marketing”,也是一个相对落地的政策需求,另外,要发垃圾邮件,安全管理系统也无法进行支撑。所以,“Regulatory requirements for privacy and confidentiality AND Privacy and Confidentiality needs of all stakeholders”答案是所有答案中较好的一个,提的也是一些顶层的安全设想,虽然也不完美这题属于DAMA中那10%的困难题目。
更多CDMP数据治理试题
- 1Information gaps-the difference between what information is needed and whatever trustworthy information is currently available-represent信息差距——所需信息与当前可用的可信信息之间的差异——表示:()?
- 2数据模型对于有效管理数据至关重要,因为它们:(单选题)
- 3A sandbox is a type of database environment used for:沙箱是一种数据库环境,用于::()?
- 4A Data Quality dimension is:数据质量维度是::()?
- 5A database that is growing at 100% per annum compound will be:年复合增长率为100%的数据库将::()?
- 6The goals of data storage and operations are:数据存储和操作的目标是::()?
