Week 2 Quiz
Question 1 of 20
Which of the following statements best describes risk? A.An error or weakness in the security system B.A negative effect or influence on an information system C.The probability of loss of a valued resource D.An external situation or event with the potential to cause harm to an IT system
Question 2 of 20
In which of the IT domains is a hub considered a major component of risk? A.LAN-WAN Domain B.User Domain C.Workstation Domain D.LAN Domain
Question 3 of 20
How does risk management impact an organization? A.Affects the survivability B.Increases the profitability C.Does not affect the profitability D.Does not affect the survivability
Question 4 of 20
Which of the following is not a technique for dealing with vulnerabilities? A.Accreditation B.Cost-benefit analysis C.System logs D.Audits
Question 5 of 20
Which of the following statements about threats is not accurate? A.Threats are always present. B.Threats can be eliminated completely. C.Appropriate actions can reduce the chances of occurrence of threats. D.Appropriate actions can reduce the impact of a threat but not the threat itself.
Question 6 of 20
What would you most commonly do to reduce the potential risk from a threat/vulnerability pair? A.Reduce the vulnerability B.Reduce the threat C.Remove controls D.Remove countermeasures
Question 7 of 20
After implementing several security controls, what should be done to ensure the controls are performing as expected? A.Continuous monitoring B.Remove existing controls C.Configuration management D.Version control
Question 8 of 20
What is the most common target of perpetrators initiating an exploit? A.End-user systems B.Users unaware of social engineering tactics C.Public-facing servers D.Internal servers
Question 9 of 20
Which of the following is a U.S. organization that publishes the Special Publication 800 (SP 800) series
Which of the following statements best describes risk? A.An error or weakness in the security system B.A negative effect or influence on an information system C.The probability of loss of a valued resource D.An external situation or event with the potential to cause harm to an IT system
Question 2 of 20
In which of the IT domains is a hub considered a major component of risk? A.LAN-WAN Domain B.User Domain C.Workstation Domain D.LAN Domain
Question 3 of 20
How does risk management impact an organization? A.Affects the survivability B.Increases the profitability C.Does not affect the profitability D.Does not affect the survivability
Question 4 of 20
Which of the following is not a technique for dealing with vulnerabilities? A.Accreditation B.Cost-benefit analysis C.System logs D.Audits
Question 5 of 20
Which of the following statements about threats is not accurate? A.Threats are always present. B.Threats can be eliminated completely. C.Appropriate actions can reduce the chances of occurrence of threats. D.Appropriate actions can reduce the impact of a threat but not the threat itself.
Question 6 of 20
What would you most commonly do to reduce the potential risk from a threat/vulnerability pair? A.Reduce the vulnerability B.Reduce the threat C.Remove controls D.Remove countermeasures
Question 7 of 20
After implementing several security controls, what should be done to ensure the controls are performing as expected? A.Continuous monitoring B.Remove existing controls C.Configuration management D.Version control
Question 8 of 20
What is the most common target of perpetrators initiating an exploit? A.End-user systems B.Users unaware of social engineering tactics C.Public-facing servers D.Internal servers
Question 9 of 20
Which of the following is a U.S. organization that publishes the Special Publication 800 (SP 800) series