Preview

ISSC 363 Week 2 Quiz

Satisfactory Essays
Open Document
Open Document
320 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
ISSC 363 Week 2 Quiz
1. Which of the following statements best describes risk?
The probability of loss of a valued resource
2. In which of the IT domains is a hub considered a major component of risk?
Unknown—NOT USER DOMAIN
3. How does risk management impact an organization?
Affects the survivability
4. Which of the following is not a technique for dealing with vulnerabilities?
Cost-benefit analysis
5. Which of the following statements about threats is not accurate?
Threats can be eliminated completely
6. What would you most commonly do to reduce the potential risk from a threat/vulnerability pair?
Reduce the vulnerability
7. After implementing several security controls, what should be done to ensure the controls are performing as expected?
Continuous monitoring
8. What is the most common target of perpetrators initiating an exploit?
Public-facing servers
9. Which of the following is a U.S. organization that publishes the Special Publication 800 (SP 800) series of documents?
NIST
10. What U.S. organization routinely publishes free cybersecurity-related alerts and tips, and includes the ability to subscribe to e-mail alerts for cybersecurity topics?
Unknown—NOT CVE
11. Companies are expected to understand and abide by any laws that apply to them. What is this commonly called?
Compliance
12. To which of the following would HIPAA apply?
Health insurance companies
13. What is the first step you would take when creating a HIPAA compliance plan?
Assessment
14. Which agency enforces the Sarbanes-Oxley Act (SOX)?
SEC
15. To which of the following would SOX apply?
Publicly traded companies
16. Which of the following is not one of the objectives of a risk management plan?
Eliminate risk
17. Which portion of a risk management plan explains the extent to which the plan will be organized and carried out?
Scope
18. What is scope?
Boundaries of a plan
19. Of the following choices, what is not a responsibility of a project manager for a risk management plan?

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Influence of risk management process which have made Global fulfills in goals. Understanding Globals goal was part of the problem, once they understood then it was simply following a risk management plan which pertains to these items. Most critically, risk management plans include a risk strategy. Broadly, there are four potential strategies, with numerous variations. Projects may choose to:…

    • 406 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS305

    • 300 Words
    • 2 Pages

    10. I would define the tools needed as both give excellent information that will help safeguard the network and tell you what is needed as eliminating a lot of the risk.…

    • 300 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Is 305 Lab 1

    • 538 Words
    • 3 Pages

    * Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization…

    • 538 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    A purpose of a legal risk-management plan is to reduce the risk of being sued and to…

    • 1357 Words
    • 10 Pages
    Satisfactory Essays
  • Satisfactory Essays

    9. The domains that require software vulnerability assessments to mitigate risk from software vulnerabilities would be the following:…

    • 465 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    4. Each of the following is a successive layer in which information security is achieved except _______.…

    • 3457 Words
    • 14 Pages
    Good Essays
  • Satisfactory Essays

    Risk Management Lab 1

    • 562 Words
    • 4 Pages

    2. How many threats and vulnerabilities did you find that impacted risk within each of the seven domains of a typical IT infrastructure?…

    • 562 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Part (B) critically appraise the implementation of the change process including resistance to change and practical management aspects.…

    • 449 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Which of the following managerial functions involves a detailed financial and operational description of anticipated operations?…

    • 4430 Words
    • 18 Pages
    Good Essays
  • Good Essays

    AC507

    • 4140 Words
    • 17 Pages

    a. Identify and provide promptly all government property and projects with the proper risk analysis and adequacy of insurance cover thru effective strategies and operational tactics;…

    • 4140 Words
    • 17 Pages
    Good Essays
  • Good Essays

    risk may be considered as a vulnerability and there are vulnerabilities without risk when the…

    • 653 Words
    • 4 Pages
    Good Essays
  • Better Essays

    Intoduction to Risk

    • 6014 Words
    • 25 Pages

    business. Risk Different Meanings Of Risk The term risk has a variety of meanings in business and everyday life. At its most general leve1, risk is used to describe any situation where there is uncertainty about what outcome will occur. Life is obviously very risky. Even the short-term future is often highly uncer-tain. In probability and statistics, financial management, and investment management, risk is often used in a more specific sense to indicate possible variability in outcomes around some expected value. We will develop the ideas of expected value and risk as reflecting variability around the expected value in the next few chapters. For now it is sufficient for you to think of the expected value as the outcome that would occur on average if a person or business were repeatedly exposed to the same type of risk. If you have not yet encountered these concepts in statistics or fi-nance classes, the following example from the sports world might help. Allen Iverson has averaged about 30 points per game in his career in the National Basketball Association. As we write this, he shows little sign of slowing down. It is therefore reasonable to assume that the expected value of his total points in any given game is about 30 points. Risk, in the sense of variability around the expected value, is clearly present. He might score 50…

    • 6014 Words
    • 25 Pages
    Better Essays
  • Satisfactory Essays

    BUS 352 Week 4 Quiz

    • 458 Words
    • 4 Pages

    1. ________ , also called viral marketing, is free advertising that can increase the visibility of niche retailers and products.…

    • 458 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    a) Encryption is preserved in full disk encryption when a file is copied from one media to another…

    • 1476 Words
    • 6 Pages
    Satisfactory Essays
  • Powerful Essays

    Thesis

    • 6620 Words
    • 27 Pages

    Redja (2000) also defines risk management as a systematic process for the identification and evaluation of pure loss exposure faced by an organization or an individual, and for the selection and implementation of the most appropriate techniques for treating such exposure. The process involves: identification, measurement, and management of the risk. Bessis (2010) also adds that in addition to it being a process, risk management also involves a set of tool and models for measuring and controlling risk. The objectives of risk management include to: minimise foreign exchange losses,…

    • 6620 Words
    • 27 Pages
    Powerful Essays