MIS 416 Exam 1 |382 questions with accurate answers
___ is the negative result if the risk occurs Ans✓✓✓ impact
____ is the likelihood that a threat will exploit a vulnerability Ans✓✓✓
Probability
____ is the likelihood that a threat will exploit a vulnerability. Ans✓✓✓
Probability
____ is the likelihood that a threat will exploit a vulnerablity Ans✓✓✓
Probability
____ negatively affect(s) the CIA triad.
- risks
- threats
- vulnerabilities
- NNTP Ans✓✓✓ Correct Answer:
InAns✓✓✓ :
X Vulnerabilities
,_____ assessments are objective, while _____ assessments are
subjective.
- quantitative, qualitative
- qualitative, quantitative
- risk, threat
- threat, risk Ans✓✓✓
___________ is the negative result if the risk occurs.
Value
Risk
Impact
Probability Ans✓✓✓ Impact
____________ assessments are objective, while ___________
assessments are subjective. Ans✓✓✓ Quantitative, qualitative
_____________ is the likelihood that a threat will exploit a
vulnerability. Ans✓✓✓ Probability
,(T/F): A BIA typically identifies the customers and how the organization
plans to serve them Ans✓✓✓ False
(T/F): A business impact analysis is concerned w/ identifying &
implementing recovery methods. Ans✓✓✓ False
(T/F): A business impact analysis is intended to include all IT functions.
Ans✓✓✓ False
(T/F): A security Scan & a Risk Assessment are the same. Ans✓✓✓
False
(T/F): An IT asset inventory is a list of IT assets that are vulnerable to a
specific threat that is under assessment. Ans✓✓✓ False
(T/F): An organization should implement as many controls as possible.
Ans✓✓✓ False.
(T/F): CBA stands for Cost Benefit Authorization. Ans✓✓✓ False
(T/F): Compensating controls are controls in place that do not
effectively reduce exploitability. Ans✓✓✓ False
, (T/F): Inherent risk is the value of the unmitigated risk exposure.
Ans✓✓✓ True
(T/F): It is essential that risk management be driven by the potential for
worst- case scenarios. Ans✓✓✓ False
(T/F): Malignant Threats are threats that are always present. Ans✓✓✓
True
(T/F): More data always improves the risk analysis. Ans✓✓✓ False
(T/F): Productivity and replacement costs occur mostly as a secondary
loss. Ans✓✓✓ False
(T/F): Productivity and replacement costs occur mostly as secondary
loss. Ans✓✓✓
(T/F): Questionnaires, forms, and surveys are the standard way to collect
data for a BIA. Ans✓✓✓ True
(T/F): Risk Management choices are made in a top down fashion
affecting the sensitivity of risk throughout the organization. Ans✓✓✓
True
___ is the negative result if the risk occurs Ans✓✓✓ impact
____ is the likelihood that a threat will exploit a vulnerability Ans✓✓✓
Probability
____ is the likelihood that a threat will exploit a vulnerability. Ans✓✓✓
Probability
____ is the likelihood that a threat will exploit a vulnerablity Ans✓✓✓
Probability
____ negatively affect(s) the CIA triad.
- risks
- threats
- vulnerabilities
- NNTP Ans✓✓✓ Correct Answer:
InAns✓✓✓ :
X Vulnerabilities
,_____ assessments are objective, while _____ assessments are
subjective.
- quantitative, qualitative
- qualitative, quantitative
- risk, threat
- threat, risk Ans✓✓✓
___________ is the negative result if the risk occurs.
Value
Risk
Impact
Probability Ans✓✓✓ Impact
____________ assessments are objective, while ___________
assessments are subjective. Ans✓✓✓ Quantitative, qualitative
_____________ is the likelihood that a threat will exploit a
vulnerability. Ans✓✓✓ Probability
,(T/F): A BIA typically identifies the customers and how the organization
plans to serve them Ans✓✓✓ False
(T/F): A business impact analysis is concerned w/ identifying &
implementing recovery methods. Ans✓✓✓ False
(T/F): A business impact analysis is intended to include all IT functions.
Ans✓✓✓ False
(T/F): A security Scan & a Risk Assessment are the same. Ans✓✓✓
False
(T/F): An IT asset inventory is a list of IT assets that are vulnerable to a
specific threat that is under assessment. Ans✓✓✓ False
(T/F): An organization should implement as many controls as possible.
Ans✓✓✓ False.
(T/F): CBA stands for Cost Benefit Authorization. Ans✓✓✓ False
(T/F): Compensating controls are controls in place that do not
effectively reduce exploitability. Ans✓✓✓ False
, (T/F): Inherent risk is the value of the unmitigated risk exposure.
Ans✓✓✓ True
(T/F): It is essential that risk management be driven by the potential for
worst- case scenarios. Ans✓✓✓ False
(T/F): Malignant Threats are threats that are always present. Ans✓✓✓
True
(T/F): More data always improves the risk analysis. Ans✓✓✓ False
(T/F): Productivity and replacement costs occur mostly as a secondary
loss. Ans✓✓✓ False
(T/F): Productivity and replacement costs occur mostly as secondary
loss. Ans✓✓✓
(T/F): Questionnaires, forms, and surveys are the standard way to collect
data for a BIA. Ans✓✓✓ True
(T/F): Risk Management choices are made in a top down fashion
affecting the sensitivity of risk throughout the organization. Ans✓✓✓
True
