Exam 14: IT Security Management and Risk Assessment

The four approaches to identifying and mitigating risks to an organization's IT infrastructure are: baseline approach, detailed risk analysis, combined approach, and __________ approach.

(Essay)

_________ is choosing to accept a risk level greater than normal for business reasons.

(Multiple Choice)

________ specification indicates the impact on the organization should the particular threat in question actually eventuate.

(Multiple Choice)

Establishing security policy, objectives, processes and procedures is part of the ______ step.

(Multiple Choice)

The ________ has revised and consolidated a number of national and international standards into a consensus of best practice.

(Multiple Choice)

One asset may have multiple threats and a single threat may target multiple assets.

(True/False)

The __________ approach to risk assessment aims to implement a basic general level of security controls on systems using baseline documents, codes of practice, and industry best practice.

(Essay)

The advantages of the _________ risk assessment approach are that it provides the most detailed examination of the security risks of an organization's IT system and produces strong justification for expenditure on the controls proposed.

(Essay)

Legal and regulatory constraints may require specific approaches to risk assessment.

(True/False)

IT security management has evolved considerably over the last few decades due to the rise in risks to networked systems.

(True/False)

ISO details a model process for managing information security that comprises the following steps: plan, do, ________, and act.

(Essay)

The _________ approach combines elements of the baseline, informal, and detailed risk analysis approaches.

(Essay)

The _________ approach involves conducting a risk analysis for the organization's IT systems that exploits the knowledge and expertise of the individuals performing the analysis.

(Multiple Choice)

IT security management consists of first determining a clear view of an organization's IT security objectives and general risk profile.

(True/False)

A threat may be either natural or human made and may be accidental or deliberate.

(True/False)

IT security management functions include:

(Multiple Choice)

IT security needs to be a key part of an organization's overall management plan.

(True/False)

Maintaining and improving the information security risk management process in response to incidents is part of the _________ step.

(Multiple Choice)

Implementing the risk treatment plan is part of the ______ step.

(Multiple Choice)

_________ is a process used to achieve and maintain appropriate levels of confidentiality, integrity, availability, accountability, authenticity, and reliability.

(Essay)
Showing 21 - 40 of 45