You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You want to perform the following
tasks: Develop a risk-driven enterprise information security architecture. Deliver security
infrastructure solutions that support critical business initiatives. Which of the following methods will
you use to accomplish these tasks?

A.
Service-oriented modeling and architecture

B.
Service-oriented modeling framework

C.
Sherwood Applied Business Security Architecture

D.
Service-oriented architecture

Explanation:
SABSA (Sherwood Applied Business Security Architecture) is a framework and
methodology for Enterprise Security Architecture and Service Management. SABSA is a model
and a methodology for developing risk-driven enterprise information security architectures and for
delivering security infrastructure solutions that support critical business initiatives. The primary
characteristic of the SABSA model is that everything must be derived from an analysis of the
business requirements for security, especially those in which security has an enabling function
The service-oriented modeling framework (SOMF) is a service-oriented development life cycle
methodology. It offers a number of modeling practices and disciplines that contribute to a
successful service-oriented life cycle management and modeling. The service-oriented modeling
framework illustrates the major elements that identify the “what to do” aspects of a service
(SOMA) includes an analysis and design method that extends traditional object-oriented and
component-based analysis and design methods to include concerns relevant to and supporting
principles used during the phases of systems development and integration.