Exam 9: Risk Management: Controlling Risk
Mitigation of risk involves applying safeguards that eliminate or reduce the remaining uncontrolled risks.
(True/False)
One of the most common methods of obtaining user acceptance and support is via ____.
(Multiple Choice)
Management consultants Tom Peters and Robert Waterman assert that one of the eight characteristics of excellent organizations is that they "stick to their knitting", which means ____.
(Multiple Choice)
Residual risk is also known as risk tolerance and is the amount of risk organizations are willing to accept after all reasonable controls have been implemented.
(True/False)
The effectiveness of controls should be ____________________ and measured regularly once a control strategy has been selected.
(Short Answer)
____ is the quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility.
(Multiple Choice)
Due care and due diligence occur when an organization adopts a certain minimum level of security as what any ____ organization would do in similar circumstances.
(Multiple Choice)
Organizations can establish a competitive business model, method, or technique that allows them to provide a product or service that is superior in some way, creating competitive disadvantage.
(True/False)
ISO ____ is the ISO standard for the performance of risk management, and includes a five-stage risk management methodology.
(Multiple Choice)
Economic and non-economic effects of a weakness must be evaluated after a strategy for dealing with a particular vulnerability has been selected.
(True/False)
The goal of information security is to bring residual risk in line with an organization's risk appetite.
(True/False)
A cost-benefit analysis (CBA) result is obtained from the difference between the pre-control and the ____________________ annualized loss expectancy (ALE).
(Short Answer)
Avoidance of risk is accomplished through the application of procedures, training and education, and the implementation of technical security controls and safeguards.
(True/False)
Which of the following is NOT an alternative to cost-benefit analyses?
(Multiple Choice)
Unlike other risk management frameworks, FAIR relies on the ____ assessment of many risk components using scales with value ranges, for example very high to very low.
(Multiple Choice)
In risk management is asset valuation, as it is relatively easy to determine accurately the true value of information and information-bearing assets.
(True/False)
Unlike other risk management frameworks, FAIR relies on the qualitative assessment of many risk components using scales with value ranges, for example very high to very low.
(True/False)
One of the most common methods of obtaining user acceptance and support is via user ____________________.
(Short Answer)
The risk control strategy that seeks to reduce the impact of a successful attack through the use of IR, DR and BC plans is ____________________.
(Short Answer)