Question 1

The intent of the ________ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives.

Accepted Answer

A)  risk register 
B)  corporate security policy 
C)  vulnerability source 
D)  threat assessment 
A)  risk register 
B)  corporate security policy 
C)  vulnerability source 
D)  threat assessment

Question 2

IT security needs to be a key part of an organization's overallmanagement plan.

Accepted Answer

A) True 
 B)False

Question 3

The purpose of ________ is to determine the basic parameters within which the risk assessment will be conducted and then to identify the assets to be examined.

Accepted Answer

A)  establishing the context 
B)  control 
C)  risk avoidance 
D)  combining 
A)  establishing the context 
B)  control 
C)  risk avoidance 
D)  combining

Question 4

________ specification indicates the impact on the organization should the particular threat in question actually eventuate.

Accepted Answer

A)  Risk 
B)  Consequence 
C)  Threat 
D)  Likelihood 
A)  Risk 
B)  Consequence 
C)  Threat 
D)  Likelihood

Question 5

It is not critical that an organization's IT security policy have fullapproval or buy-in by senior management.

Accepted Answer

A) True 
 B)False

The intent of the ________ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives.

IT security needs to be a key part of an organization's overallmanagement plan.

The purpose of ________ is to determine the basic parameters within which the risk assessment will be conducted and then to identify the assets to be examined.

________ specification indicates the impact on the organization should the particular threat in question actually eventuate.

It is not critical that an organization's IT security policy have fullapproval or buy-in by senior management.

Computer Systems Overview

Cryptographic Tools

User Authentication

Access Control

Database and Cloud Security

Malicious Software

Denial-Of-Service Attacks

Intrusion Detection

Firewalls and Intrusion Prevention Systems

Buffer Overflow

Software Security

Operating System Security

Cloud and Iot Security

IT Security Controls, Plans, and Procedures

Physical and Infrastructure Security

Human Resources Security

Security Auditing

Legal and Ethical Aspects

Symmetric Encryption and Message Confidentiality

Public-Key Cryptography and Message Authentication

Internet Security Protocols and Standards

Internet Authentication Applications

Wireless Network Security

Filters

Exam 14: IT Security Management and Risk Assessment

The intent of the ________ is to provide a clear overview of how an organization's IT infrastructure supports its overall business objectives.

IT security needs to be a key part of an organization's overallmanagement plan.

The purpose of ________ is to determine the basic parameters within which the risk assessment will be conducted and then to identify the assets to be examined.

________ specification indicates the impact on the organization should the particular threat in question actually eventuate.

It is not critical that an organization's IT security policy have fullapproval or buy-in by senior management.

Computer Systems Overview

Cryptographic Tools

User Authentication

Access Control

Database and Cloud Security

Malicious Software

Denial-Of-Service Attacks

Intrusion Detection

Firewalls and Intrusion Prevention Systems

Buffer Overflow

Software Security

Operating System Security

Cloud and Iot Security

IT Security Controls, Plans, and Procedures

Physical and Infrastructure Security

Human Resources Security

Security Auditing

Legal and Ethical Aspects

Symmetric Encryption and Message Confidentiality

Public-Key Cryptography and Message Authentication

Internet Security Protocols and Standards

Internet Authentication Applications

Wireless Network Security

Filters