Unformatted text preview: Quick Links Logout
Narendar Reddy Talasani1 Hom
Courses
e T ab 2 of 2 (active tab) 1. 2019_SPR_MAIN_Info. Security and Risk Mgmt._50 2. Content 3. Residency Weekend (March 1, 2019 - March 3, 2019) 4. Take Test: Midterm - Information Security & Risk Management (Spring 2019) 2019_SPR_MAIN_Info. Security and Risk Mgmt._50 Home Page
Information
My Instructor
Discussions
Content
Tools
Communicate
Help Course Messages
My Grades
Calendar
Library Resources
Netiquette
Groups My Groups IRM Groups 5 Take Test: Midterm - Information Security &
Risk Management (Spring 2019)
Test Information
Description Instructions
Timed Test Multiple
Attempts
Force
Completion This test has a time limit of 3 hours.This test will save and submit automatically
when the time expires.
Warnings appear when half the time, 5 minutes, 1 minute, and 30
seconds remain.
Not allowed. This test can only be taken once.
Once started, this test must be completed in one sitting. Do not leave the test
before clicking Save and Submit. Remaining Time:
1 hour, 32 minutes, 54 seconds. Question Completion Status: QUESTION 1 1. A (n) ____________ assessment attempts to identify vulnerabilities that
can actually be exploited. 2. risk
threat
vulnerabili
ty
exploit
1 points 1. QUESTION 2 An RA team should focus both on critical areas and on what
management might consider important.
True
False
1 points 1. QUESTION 3 A _________ is the likelihood that a loss will occur. 2. threat
risk
vulnerabili
ty
assessme
nt
1 points QUESTION 4 1. A security policy provides a high-level overview of the goals of security
and the details of how to implement security techniques.
True False
1 points QUESTION 5 1. Asset valuation is not a major priority of risk management.
True
False
1 points QUESTION 6 1. A loss results in a compromise to business functions, and a threat
results in a compromise to business assets.
True
False
1 points QUESTION 7 1. A __________ grants the authority to perform an action on a system. A
__________ grants access to a resource. 2. right,
permission
login, password
permission,
right
password, login
1 points 1. QUESTION 8 After you collect data on risks and recommendations, you include that
information in a report, and you give that report to management. Why do you
do this? 2. to avoid several time-consuming presentations about each individual
recommendation
to inform management of the progress of the risk management task
to help management decide which recommendations to use
to help management asses how much of the risk was mitigated by the
proposed solution
1 points QUESTION 9 1. A gap analysis report documents differences between what is
mitigated and what is not mitigated, resulting in a gap in security.
True
False
1 points QUESTION 10 1. All of the following terms have the same meaning EXCEPT: 2. cause and effect
diagram
Ishikawa diagram
fishbone diagram
affinity diagram
1 points 1. QUESTION 11 All of the following are steps involved in creating an affinity diagram,
EXCEPT: 2. brainstorming
creating an affinity diagram
gathering ideas into related
groups
identifying the problem
1 points QUESTION 12 1. All stakeholders have vested interests in their projects and want to see
those projects succeed.
True
False
1 points QUESTION 13 1. An exploit assessment is also known as a(n) ___________. 2. exploit list
penetration test
vulnerability
assessment
threat survey
1 points 1. QUESTION 14 A(n) _________ is the process of creating a list of threats. 2. threat
identification
threat assessment
risk assessment
risk identification
1 points QUESTION 15 1. A failover cluster requires at least __________ node(s). 2. 1
2
3
4
1 points 1. QUESTION 16 A(n) __________ is a computer joined to a botnet. 2. robot
virus
access
control
zombie
1 points QUESTION 17 1. A threat is a weakness, but a vulnerability is an activity that represents
a possible danger.
True
False
1 points QUESTION 18 1. A critical path chart shows a list of project tasks that must be
completed on time.
True
False
1 points QUESTION 19 1. A loss results in a compromise to business functions, and a threat
results in a compromise to business assets.
True
False
1 points QUESTION 20 1. AUP stands for acceptable use policy.
True
False
1 points QUESTION 21 1. A transaction is any addition, deletion, or modification of data.
True
False 1 points QUESTION 22 1. All of the following are major components of RAs, EXCEPT: 2. identifying
stakeholders
identifying scope
identifying critical
areas
identifying team
members
1 points 1. QUESTION 23 A new company starts up but does not have a lot of revenue for the
first year. Installing anti-virus software for all the company’s computers would
be very costly, so the owners decide to forgo purchasing anti-virus software for
the first year of the business. In what domain of typical IT infrastructure is
vulnerability created? 2. workstation
domain
malware domain
LAN domain
WAN domain
1 points QUESTION 24 1. A(n) ___________________ is performed to identify the most serious risks,
help you manage risks, and identify the best methods to control risks. 2. RA
CBA
POA
M
SOX
1 points 1. QUESTION 25 A milestone plan chart is a simple graphical representation of major
milestones.
True
False
1 points Click Save and Submit to save and submit. Click Save All Answers to save all answers. ...
View
Full Document
