Exam 7: Risk Management: Controlling Risk
Briefly describe the five basic strategies to control risk that result from vulnerabilities.
(Essay)
By multiplying the asset value by the exposure factor, you can calculate which of the following?
(Multiple Choice)
Which of the following is NOT a valid rule of thumb on risk control strategy selection?
(Multiple Choice)
Due care and due diligence occur when an organization adopts a certain minimum level of security (that is, what any prudent organization would do in similar circumstances). ____________
(True/False)
A benchmark is derived by comparing measured actual performance against established standards for the measured category. ____________
(True/False)
The risk control strategy that seeks to reduce the impact of a successful attack through the use of IR, DR, and BC plans is ____________________.
(Short Answer)
The ISO 27005 Standard for Information Security Risk Management includes five stages including all but which of the following?
(Multiple Choice)
Once an organization has estimated the worth of various assets, what three questions must be asked to calculate the potential loss from the successful exploitation of a vulnerability?
(Essay)
A process of assigning financial value or worth to each information asset.
(Multiple Choice)
An examination of how well a particular solution fits within the organization's strategic planning objectives and goals.
(Multiple Choice)
A risk control strategy that eliminates all risk associated with an information asset by removing it from service.
(Multiple Choice)
Explain two practical guidelines to follow in risk control strategy selection.
(Essay)
What is the result of subtracting the post-control annualized loss expectancy and the ACS from the pre-control annualized loss expectancy?
(Multiple Choice)
An examination of how well a particular solution is supportable given the organization's current technological infrastructure and resources, which include hardware, software, networking, and personnel, is known as operational feasibility. ____________
(True/False)
To keep up with the competition, organizations must design and create a ____________ environment in which business processes and procedures can function and evolve effectively.
(Short Answer)
Which of the following determines acceptable practices based on consensus and relationships among the communities of interest?
(Multiple Choice)
The risk control strategy that eliminates all risk associated with an information asset by removing it from service is known as the termination risk control strategy.
(True/False)
Risks can be avoided by countering the threats facing an asset or by eliminating the exposure of an asset.
(True/False)
Showing 41 - 60 of 60