Which statement best captures the difference between SABSA and TOGAF in security architecture?

Prepare for the ISSAP Exam with challenging questions and insights. Enhance your understanding using flashcards and detailed explanations. Master your skills for success!

Multiple Choice

Which statement best captures the difference between SABSA and TOGAF in security architecture?

Explanation:
Two frameworks approach security architecture with different starting points and focus. SABSA centers security as the primary driver, building a layered architecture whose decisions are driven by risk and aligned to business goals across layers from contextual to operational. This means the security design is inseparable from business needs and risk posture, shaping every layer of the architecture. TOGAF, on the other hand, is an overall enterprise architecture framework. Security is treated as a cross-cutting concern that spans all domains, and work proceeds through the Architecture Development Method, a formal process for developing and governing architectures across the enterprise. Therefore, the statement that SABSA emphasizes a security-focused, risk-driven layered architecture while TOGAF emphasizes enterprise architecture with security as a cross-cutting concern and a formal ADM process best captures the difference. The other options misstate TOGAF’s role of ADM, or misattribute governance emphasis or emphasis on security layering to the wrong framework.

Two frameworks approach security architecture with different starting points and focus. SABSA centers security as the primary driver, building a layered architecture whose decisions are driven by risk and aligned to business goals across layers from contextual to operational. This means the security design is inseparable from business needs and risk posture, shaping every layer of the architecture.

TOGAF, on the other hand, is an overall enterprise architecture framework. Security is treated as a cross-cutting concern that spans all domains, and work proceeds through the Architecture Development Method, a formal process for developing and governing architectures across the enterprise.

Therefore, the statement that SABSA emphasizes a security-focused, risk-driven layered architecture while TOGAF emphasizes enterprise architecture with security as a cross-cutting concern and a formal ADM process best captures the difference. The other options misstate TOGAF’s role of ADM, or misattribute governance emphasis or emphasis on security layering to the wrong framework.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy