Ans✓✓✓
_____ monitoring results gives organizations the capability to maintain
awareness of the risk being incurred, highlight the need to revisit other
steps in the risk management process, and initiate process improvement
activities as needed. Ans✓✓✓ Analyzing
____________ mitigate(s) risk. Ans✓✓✓ Controls
A best practice for enabling a risk mitigation plan from your risk
assessment is prioritizing countermeasures. Ans✓✓✓ True
A business impact analysis (BIA) is an output of the risk assessment
process. Ans✓✓✓ False
A decision to accept, avoid, transfer, or mitigate a risk is made in
the risk evaluation stage. Ans✓✓✓ True
A gap analysis report documents differences between what is mitigated
and what is NOT mitigated, resulting in a gap in security. Ans✓✓✓
True
A KPx is a summary of one or more KPIs. Ans✓✓✓ False
A risk ____ could be a simple listing of identified risks, some of which
are already assessed and others of which are still in the process of being
qualified Ans✓✓✓ Inventory
A risk assessment ends with a report. Ans✓✓✓ True
A risk assessment provides a point-in-time report. Ans✓✓✓ True
A threshold KPI is significant when an index falls into a set range.
Ans✓✓✓ True
Access controls testing verifies user rights and permissions. Ans✓✓✓
True
Action plans are a necessary output of the risk assessment process so
that recommendations can be acted upon quickly once the assessment is
approved. Ans✓✓✓ True
After you collect data on risks and recommendations, you include that
information in a report, and you give that report to management. Why do
you do this? Ans✓✓✓ to help management decide which
recommendations to use
ALE is: Ans✓✓✓ SLE x ARO
All of the following are KPI types except: Ans✓✓✓ Esoteric
All of the following are risk treatments in different frameworks except?
Ans✓✓✓ Control
All of the following are risk treatments in different frameworks except?
Ans✓✓✓ Ignore
Another term for data range and reasonableness checks is
______________. Ans✓✓✓ Input validation
Asset valuation is a listing or grouping of assets under an assessment.
Ans✓✓✓ False