Chat with AIExam 8: Risk Management: Identifying and Assessing Risk
Exam 1: Introduction to the Management of Information Security139 Questions
Exam 2: Planning for Security123 Questions
Exam 3: Planning for Contingencies114 Questions
Exam 4: Information Security Policy133 Questions
Exam 5: Developing the Security Program133 Questions
Exam 6: Security Management Models120 Questions
Exam 7: Security Management Practices114 Questions
Exam 8: Risk Management: Identifying and Assessing Risk78 Questions
Exam 9: Risk Management: Controlling Risk105 Questions
Exam 10: Protection Mechanisms133 Questions
Exam 11: Personnel and Security133 Questions
Exam 12: Law and Ethics113 Questions
Select questions type
During risk identification managers identify the organization's information assets,classify and categorize them into useful groups,and prioritize them by their overall importance._________________________
(True/False)
4.8/5 
(31)
(31) The amount of danger posed by a threat is sometimes difficult to assess.It may be simply the impact of a threat attacking the organization,or it may reflect the amount of damage that the threat could create or the frequency with which an attack can occur._________________________
(True/False)
5.0/5 (38)
(38) A TVA spreadsheet combines prioritized lists of assets and threats to identify vulnerabilities and provide a prioritized list of efforts relating to the implementation of needed controls.
(True/False)
4.8/5 (28)
(28) Which of the following attributes does not apply to software information assets?
(Multiple Choice)
4.9/5 (32)
(32) A(n)comprehensive classification of information assets means that all inventoried assets fit into a category._________________________
(True/False)
4.8/5 (33)
(33) Which of the following distinctly identifies an asset and can be vital in later analysis of threats directed to specific models of certain devices or software components?
(Multiple Choice)
4.9/5 (42)
(42) One of the calculations that guides corporate spending on controls is the cost of ____ operations if an attack occurs and is successful.
(Multiple Choice)
4.8/5 (39)
(39) The process of evaluating potential weaknesses in each information asset is known as ____________________ identification.
(Short Answer)
5.0/5 (39)
(39) Which of the following activities is part of the risk identification process?
(Multiple Choice)
4.8/5 (37)
(37) Information technology managers and technicians are the defenders of information._________________________
(True/False)
4.9/5 (41)
(41) When determining the relative importance of each information asset,refer to the organization's ____ or statement of objectives.From this source,determine which assets are essential for meeting the organization's objectives,which assets support the objectives,and which are merely adjuncts.
(Multiple Choice)
4.9/5 (36)
(36) A well-developed risk management program consists of two formal processes: risk identification and assessment and risk control._________________________
(True/False)
4.9/5 (30)
(30) To make the process of analyzing threats less daunting,steps in the threat and vulnerability identification processes should be handled jointly.
(True/False)
4.7/5 (37)
(37) The first stage in the Risk Identification process is to develop an inventory of information assets.
(True/False)
4.9/5 (40)
(40) ____ is the identification and assessment of levels of risk in the organizations?
(Multiple Choice)
4.8/5 (37)
(37) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)