WGU C842 CHAPTER 2 RISK ASSESSMENT 29
QUESTIONS WITH VERIFIED ANSWERS 2025/2026
___ is the probability of a threat agent exploiting a vulnerability and the
associated impact. (Note: Remember that a threat agent is defined as an entity
that can exploit a vulnerability, and vulnerability is defined as a weakness or lack
of countermeasures.)
a-Risk policy
b-Risk
c-Incident
d-Attack - CORRECT ANSWER (b) Risk
Risks like hacking, cracking and attacking can be grouped into which one of the
following categories?
a-Equipment malfunction
b-Application error
c-Misuse of data
d-Inside and outside attack
e-Loss of data - CORRECT ANSWER (d) Inside and outside attack
True/False Sharing trade secrets, fraud, espionage, and theft are risks that are
grouped under "Loss of data"? - CORRECT ANSWER False; Sharing trade secrets,
fraud, espionage, and theft are risks that are grouped under "Misuse of data"
, __________ is a set of ideas to be implemented in order to minimize and mitigate
risks faced by an organization?
a-User access policy
b-Risk policy
c-Security policy
d-Security control
e-None of these options - CORRECT ANSWER (b) Risk policy; is a set of ideas to be
implemented in order to minimize and mitigate risks faced by an organization.
Which of the following issues are included in risk policy?
a-Procedures for employees under training who are authorized to access the
system
b-All of these options
c-The computer system's rules of behavior and the consequences of violating the
rules
d-Procedures to monitor the efficiency of the security controls
e-Provisions for supporting situations like interruption in the system or system
crash - CORRECT ANSWER (b) All of these options
a-Procedures for employees under training who are authorized to access the
system
c-The computer system's rules of behavior and the consequences of violating the
rules
d-Procedures to monitor the efficiency of the security controls
e-Provisions for supporting situations like interruption in the system or system
crash
QUESTIONS WITH VERIFIED ANSWERS 2025/2026
___ is the probability of a threat agent exploiting a vulnerability and the
associated impact. (Note: Remember that a threat agent is defined as an entity
that can exploit a vulnerability, and vulnerability is defined as a weakness or lack
of countermeasures.)
a-Risk policy
b-Risk
c-Incident
d-Attack - CORRECT ANSWER (b) Risk
Risks like hacking, cracking and attacking can be grouped into which one of the
following categories?
a-Equipment malfunction
b-Application error
c-Misuse of data
d-Inside and outside attack
e-Loss of data - CORRECT ANSWER (d) Inside and outside attack
True/False Sharing trade secrets, fraud, espionage, and theft are risks that are
grouped under "Loss of data"? - CORRECT ANSWER False; Sharing trade secrets,
fraud, espionage, and theft are risks that are grouped under "Misuse of data"
, __________ is a set of ideas to be implemented in order to minimize and mitigate
risks faced by an organization?
a-User access policy
b-Risk policy
c-Security policy
d-Security control
e-None of these options - CORRECT ANSWER (b) Risk policy; is a set of ideas to be
implemented in order to minimize and mitigate risks faced by an organization.
Which of the following issues are included in risk policy?
a-Procedures for employees under training who are authorized to access the
system
b-All of these options
c-The computer system's rules of behavior and the consequences of violating the
rules
d-Procedures to monitor the efficiency of the security controls
e-Provisions for supporting situations like interruption in the system or system
crash - CORRECT ANSWER (b) All of these options
a-Procedures for employees under training who are authorized to access the
system
c-The computer system's rules of behavior and the consequences of violating the
rules
d-Procedures to monitor the efficiency of the security controls
e-Provisions for supporting situations like interruption in the system or system
crash
