Which of the following statements best describes risk?
The probability of loss of a valued resource
In which of the IT domains is a hub considered a major component of risk? Unknown—NOT USER DOMAIN
How does risk management impact an organization?
Affects the survivability
Which of the following is not a technique for dealing with vulnerabilities? Cost-benefit analysis
Which of the following statements about threats is not accurate? Threats can be eliminated completely
What would you most commonly do to reduce the potential risk from a threat/vulnerability pair? Reduce the vulnerability
After implementing several security controls, what should be done to ensure the controls are performing as expected? Continuous monitoring
What is the most common target of perpetrators initiating an exploit? Public-facing servers
Which of the following is a U.S. organization that publishes the Special Publication 800 (SP 800) series of documents? NIST
What U.S. organization routinely publishes free cybersecurity-related alerts and tips, and includes the ability to subscribe to e-mail alerts for cybersecurity topics? Unknown—NOT CVE
Companies are expected to understand and abide by any laws that apply to them. What is this commonly called? Compliance
To which of the following would HIPAA apply?
Health insurance companies
What is the first step you would take when creating a HIPAA compliance plan? Assessment
Which agency enforces the Sarbanes-Oxley Act (SOX)?
To which of the following would SOX apply?
Publicly traded companies
Which of the following is not one of the objectives of a risk management plan? Eliminate risk
Which portion of a risk management plan explains the extent to which the plan will be organized and carried out? Scope
What is scope?
Boundaries of a plan
Of the following choices, what is not a responsibility of a project manager for a risk management plan? Ensuring team...
Please join StudyMode to read the full document