Question 1

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?

Accepted Answer

A) visual 
B) auditory 
C) kinesthetic 
D) spatial 
A) visual 
B) auditory 
C) kinesthetic 
D) spatial B

Question 2

What is privilege management?

Accepted Answer

Privilege management is the process of assigning and revoking privileges to objects;that is,it covers the procedures of managing object authorizations.

Question 3

Contrast the difference between a pedagogical approach versus an andragogical approach to subject matter.

Accepted Answer

In a pedagogical approach,the subject matter is defined by what the teacher wants to give.In an andragogical approach,learning is organized around situations in life or at work.

Question 4

What describes an agreement between two or more parties and demonstrates a "convergence of will" between the parties?so that they can work together?

Accepted Answer

A) MOU 
B) NDA 
C) BPA 
D) ISA 
A) MOU 
B) NDA 
C) BPA 
D) ISA

Question 5

Why should authorization be obtained for penetration testing and vulnerability testing?

Accepted Answer

A penetration or vulnerability test is a

Question 6

Websites that group individuals and organizations into clusters or groups based on some sort are considered to be what type of networks?

Accepted Answer

A) social media network 
B) social engineering network 
C) social management network 
D) social control network 
A) social media network 
B) social engineering network 
C) social management network 
D) social control network

Question 7

Select the specific type of interview that is usually conducted when an employee leaves the company?

Accepted Answer

A) last interview 
B) initial interview 
C) exit interview 
D) post interview 
A) last interview 
B) initial interview 
C) exit interview 
D) post interview

Question 8

What are the two risk calculation formulas commonly used to calculate expected losses?

Accepted Answer

The Single Loss Expectancy (SLE)is the e

Question 9

What is mean time to recovery (MTTR)?

Accepted Answer

MTTR is the average amount of

Question 10

Which of the following is a basic measure of reliability for systems that cannot be repaired?

Accepted Answer

A) mean time to recovery 
B) mean time to failure 
C) mean time to operate 
D) failure in time 
A) mean time to recovery 
B) mean time to failure 
C) mean time to operate 
D) failure in time

Question 11

A physical control attempts to discourage security violations before they occur.

Accepted Answer

A) True 
 B)False

Question 12

Explain how continuous monitoring can benefit an IT enterprise's operations.

Accepted Answer

Continuous monitoring allows for a conti

Question 13

What is a risk register?

Accepted Answer

A risk register is a list of potential t

Question 14

The FIT calculation is another way of reporting MTTF.

Accepted Answer

A) True 
 B)False

Question 15

Which of the following is considered to be a common security issue? (Choose all that apply. )

Accepted Answer

A) management issues 
B) certificate issues 
C) encrypted credentials 
D) authentication issues 
A) management issues 
B) certificate issues 
C) encrypted credentials 
D) authentication issues

Question 16

What term can be described as a function of threats,consequences of those threats,and the resulting vulnerabilities?

Accepted Answer

A) threat 
B) mitigation 
C) risk 
D) management 
A) threat 
B) mitigation 
C) risk 
D) management

Question 17

Many cloud providers allow customers to perform penetration tests and vulnerability scans without permission and whenever is necessary.

Accepted Answer

A) True 
 B)False

Question 18

A collection of suggestions that should be implemented is referred to as a:

Accepted Answer

A) security policy 
B) baseline 
C) guideline 
D) security procedure 
A) security policy 
B) baseline 
C) guideline 
D) security procedure

Question 19

Distributive allocation refers to "eliminating" the risk.

Accepted Answer

A) True 
 B)False

Question 20

Select the option that best describes a policy:

Accepted Answer

A) A collection of requirements specific to the system or procedure that must be met by everyone 
B) A collection of suggestions that should be implemented 
C) A list of all items that have a positive economic value 
D) A document that outlines specific requirements or rules that must be met 
A) A collection of requirements specific to the system or procedure that must be met by everyone 
B) A collection of suggestions that should be implemented 
C) A list of all items that have a positive economic value 
D) A document that outlines specific requirements or rules that must be met

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?

What is privilege management?

Contrast the difference between a pedagogical approach versus an andragogical approach to subject matter.

What describes an agreement between two or more parties and demonstrates a "convergence of will" between the parties?so that they can work together?

Why should authorization be obtained for penetration testing and vulnerability testing?

Websites that group individuals and organizations into clusters or groups based on some sort are considered to be what type of networks?

Select the specific type of interview that is usually conducted when an employee leaves the company?

What are the two risk calculation formulas commonly used to calculate expected losses?

What is mean time to recovery (MTTR)?

Which of the following is a basic measure of reliability for systems that cannot be repaired?

A physical control attempts to discourage security violations before they occur.

Explain how continuous monitoring can benefit an IT enterprise's operations.

What is a risk register?

The FIT calculation is another way of reporting MTTF.

Which of the following is considered to be a common security issue? (Choose all that apply. )

What term can be described as a function of threats,consequences of those threats,and the resulting vulnerabilities?

Many cloud providers allow customers to perform penetration tests and vulnerability scans without permission and whenever is necessary.

A collection of suggestions that should be implemented is referred to as a:

Distributive allocation refers to "eliminating" the risk.

Select the option that best describes a policy:

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Networking and Server Attacks

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Authentication and Account Management

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Filters

Exam 15: Risk Mitigation

What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?

What is privilege management?

Contrast the difference between a pedagogical approach versus an andragogical approach to subject matter.

What describes an agreement between two or more parties and demonstrates a "convergence of will" between the parties?so that they can work together?

Why should authorization be obtained for penetration testing and vulnerability testing?

Websites that group individuals and organizations into clusters or groups based on some sort are considered to be what type of networks?

Select the specific type of interview that is usually conducted when an employee leaves the company?

What are the two risk calculation formulas commonly used to calculate expected losses?

What is mean time to recovery (MTTR)?

Which of the following is a basic measure of reliability for systems that cannot be repaired?

A physical control attempts to discourage security violations before they occur.

Explain how continuous monitoring can benefit an IT enterprise's operations.

What is a risk register?

The FIT calculation is another way of reporting MTTF.

Which of the following is considered to be a common security issue? (Choose all that apply. )

What term can be described as a function of threats,consequences of those threats,and the resulting vulnerabilities?

Many cloud providers allow customers to perform penetration tests and vulnerability scans without permission and whenever is necessary.

A collection of suggestions that should be implemented is referred to as a:

Distributive allocation refers to "eliminating" the risk.

Select the option that best describes a policy:

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Networking and Server Attacks

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Authentication and Account Management

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Filters