According to ISO 27014 or COBIT, which of the following is not a governance process or area? (Wentz QOTD)
A. Acquire
B. Evaluate
C. Direct
D. Monitor
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is A. Acquire.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
Reference
根據 ISO 27014 或 COBIT,以下哪個不是治理的流程或領域? (Wentz QOTD)
A. 獲得 (acquire)
B. 評估 (evaluate)
C. 指示 (Direct)
D. 監控 (Monitor)