Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 14: It Risk Analysis and Risk Management

arrow
Exam 1: Introduction25 Questionsadd course
Exam 2: System Administration25 Questionsadd course
Exam 3: System Administration 225 Questionsadd course
Exam 4: Basic Information Security Model25 Questionsadd course
Exam 5: Asset Identification and Characterization25 Questionsadd course
Exam 6: Threats and Vulnerabilities25 Questionsadd course
Exam 7: Encryption Controls24 Questionsadd course
Exam 8: Identity and Access Management25 Questionsadd course
Exam 9: Hardware and Software Controls25 Questionsadd course
Exam 10: Shell Scripting25 Questionsadd course
Exam 11: Incident Handling25 Questionsadd course
Exam 12: Incident Analysis25 Questionsadd course
Exam 13: Policies, Standards and Guidelines25 Questionsadd course
Exam 14: It Risk Analysis and Risk Management25 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

A certain risk has a 1% likelihood of occurrence in the coming year. If the risk is observed, the organization estimates a loss of $1million. The risk is then assessed as

Free
(Multiple Choice)
4.9/5
(37)
Question 1
Correct Answer:
Verified

D

As described in the text, a statement of a risk includes

Free
(Multiple Choice)
4.8/5
(33)
Question 2
Correct Answer:
Verified

C

IT risk is

Free
(Multiple Choice)
4.8/5
(31)
Question 3
Correct Answer:
Verified

A

Risk management is

(Multiple Choice)
4.9/5
(40)
Question 4

In the NIST 800-39 framework, risk monitoring

(Multiple Choice)
4.9/5
(34)
Question 5

A certain risk has a 1% likelihood of occurrence in the coming year. If the risk is observed, the organization estimates a loss of $1million. A second risk has a 15% likelihood of occurrence in the coming year. If the second risk is observed, the organization estimates a loss of $100,000. Comparing the two risks

(Multiple Choice)
4.9/5
(37)
Question 6

In the NIST 800-39 framework, risk assessment

(Multiple Choice)
4.9/5
(32)
Question 7

The verification of IT general controls as part of a SOX audit follows a

(Multiple Choice)
4.7/5
(38)
Question 8

Section 404 of the Sarbanes-Oxley act of 2002 specifies that

(Multiple Choice)
4.8/5
(34)
Question 9

If assessed using the NIST 800-39 framework, the risk estimate is an accurate measure of the IT risk facing the organization

(True/False)
4.9/5
(34)
Question 10

A given threat is usually associated with one risk

(True/False)
4.9/5
(30)
Question 11

The management model that guides the ISO risk management methodology is

(Multiple Choice)
4.8/5
(39)
Question 12

IT general controls are controls that

(Multiple Choice)
4.8/5
(35)
Question 13

The NIST risk-management framework is specified in the NIST document

(Multiple Choice)
4.9/5
(33)
Question 14

Internal controls over financial reporting involve all of the following except

(Multiple Choice)
4.9/5
(32)
Question 15

Risk is

(Multiple Choice)
4.9/5
(28)
Question 16

The PCAOB created by the Sarbanes-Oxley act of 2002

(Multiple Choice)
4.8/5
(43)
Question 17

In the NIST 800-39 framework, risk response

(Multiple Choice)
4.8/5
(38)
Question 18

The Sarbanes-Oxley act applies to

(Multiple Choice)
4.8/5
(37)
Question 19

Section 302 of the Sarbanes-Oxley act of 2002 specifies that

(Multiple Choice)
4.9/5
(38)
Question 20
Showing 1 - 20 of 25
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)