Question 11 out of 1 points____ (sometimes referred to as avoidance) is the risk control strategy that attempts to prevent the exploitation of a vulnerability.
Question 21 out of 1 pointsA(n) ____ is any clearly identified attack on the organization’s information assets that would threaten the assets’ confidentiality, integrity, or availability.
Question 31 out of 1 pointsThe ____ illustrates the most critical characteristics of information and has been the industry standard for computer security since the development of the mainframe.
Question 41 out of 1 pointsA(n) ____ is an object, person, or other entity that is a potential risk of loss to an asset.
Question 51 out of 1 points____ assigns a risk rating or score to each information asset. Although this number
does not mean anything in absolute terms, it is useful in gauging the relative risk to each vulnerable information asset and facilitates the development of comparative ratings later in the risk control process.
Question 60 out of 1 pointsA(n) ____ is used to anticipate, react to, and recover from events that threaten the security of information and information assets in an organization; it is also used to restore the organization to normal modes of business operations;
Question 71 out of 1 points____ is a risk control approach that attempts to shift the risk to other assets, other processes, or other organizations.
Question 81 out of 1 pointsA ____ deals with the preparation for and recovery from a disaster, whether natural or man-made.
Question 91 out of 1 pointsA ____ attack seeks to deny legitimate users access to services by either tying up a server’s available resources or causing it to shut down.
Question 101 out of 1 pointsThe last stage of a business impact analysis is prioritizing the resources associated with the ____, which brings a better understanding of what must be recovered first.
You've reached the end of your free preview.
Want to read all 12 pages?
- Spring '14
- CSIRT
