Which of the following is not an appropriate response to a risk discovered during a risk analysis? |
denial |
Which of the following best defines Single Loss Expectancy (SLE)? |
The total monetary loss associated with a single occurrence of a threat |
What is the average number of times that a specific risk is likely to be realized in a single year? |
Annualized rate of occurrence |
Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called? |
Residual risk |
Which of the following statements is true regarding risk analysis? (Select two.) |
Don’t implement a countermeasure if the cost is greater than loss. Annualized Rate of Occurrence (ARO) identifies how often the successful threat attack will occur in a single year. |
When would choosing to do nothing about an identified risk be acceptable? |
When the cost of protecting the asset is greater than the potential loss |
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach? |
Negligence |
You have conducted a risk analysis to protect a key company asset. You identify the following values: • Asset value = 400 What is the Annualized Loss Expectancy (ALE)? |
75 |
When conducting a risk assessment, how is the Annualized Rate of Occurrence (ARO) calculated? |
Through historical data provided by insurance companies and crime statistics. |
Purchasing insurance is what type of response to risk? |
Transference |
To determine the value of the company assets, an anonymous survey was used to collect the opinions of all senior and mid-level managers. Which asset valuation method was used? |
Delphi method |
You have conducted a risk analysis to protect a key company asset. You identify the following values: • Asset value = 400 What is the Single Loss Expectancy (SLE)? |
300 |
Which type of Data Loss Prevention system is usually installed near the network perimeter to detect sensitive data that is being transmitted in violation of organizational security policies? |
Network DLP |
Which of the following is not an accepted countermeasure to strengthen a cryptosystem? |
Keep the cryptosystem a secret |
Test out Security pro Practice questions 3.2.4