Multiple Choice
Risk is
A) A quantified measure of the potential damage caused by a specified threat
B) Capabilities, intentions and attack methods of adversaries to cause harm to assets
C) Resource or information that is to be protected
D) Weaknesses in an information system that can lead to a compromise of an asset
Correct Answer:
Verified
Correct Answer:
Verified
Q11: A given threat is usually associated with
Q12: The management model that guides the ISO
Q13: IT general controls are controls that<br>A) Only
Q14: The NIST risk-management framework is specified in
Q15: Internal controls over financial reporting involve all
Q17: The PCAOB created by the Sarbanes-Oxley act
Q18: In the NIST 800-39 framework, risk response<br>A)
Q19: The Sarbanes-Oxley act applies to<br>A) Internal control
Q20: Section 302 of the Sarbanes-Oxley act of
Q21: The motivation for the passage of the