QUESTION 11.A ____________ would be a misconfiguration of a system that allows the hacker to gain unauthorized access, whereas a______________ is a combination
of the likelihood that such a misconfiguration could happen, a hacker’s exploitation of it, and the impact if the event occurred.vulnerability, riskrisk, vulnerabilitythreat, riskrisk, threat
QUESTION 21.As employees find new ways to improve a system or process, it is important to have a way to capture their ideas. ________________________ can beunderstood as finding a better way or as a lesson learned.
QUESTION 31.Generally, regardless of threat or vulnerability, there will ____________ be a chance a threat can exploit a vulnerability.
QUESTION 41.In the Build, Acquire, and Implement domain, the ability to manage change is very important. Thus, there are often ___________________ set to avoid disrupting current services while new services are added.
guidelines
QUESTION 51.When an organization lacks policies, its operations become less predictable. Which of the following is a challenge you can expect without policies?
lower costsincreased regulatory compliancecustomer dissatisfactionlow retention rates for employees
QUESTION 61.A good security awareness program makes employees aware of the behaviors expected of them. All security awareness programs have two enforcement components: the carrot and the stick. Which of the following bestcaptures the relationship of the two components?
Want to read all 6 pages?
Want to read all 6 pages?
You've reached the end of your free preview.
Want to read all 6 pages?
- Spring '17
