Question

In: Computer Science

TRUE/FALSE 1. A control classified as preventative has to be known by a person in order...

TRUE/FALSE

1. A control classified as preventative has to be known by a person in order to be effective.

2. For an intangible impact, assigning a financial value of the impact is easy.

3. All risks need to be mitigated or controlled.

Multiple choice

4. Which term refers to the possibility of suffering harm or loss?

A. Risk

B. Hazard

C. Threat vector

D. Threat actor

5. Which action is an example of transferring risk?

A. Management purchases insurance for the occurrence of the risk.

B. Management applies controls that reduce the impact of an attack.

C. Management has decided to accept responsibility for the risk if it does happen.

D. Management has decided against deploying a module that increases risk.

6. Which term refers to ensuring proper procedures are followed when modifying the IT infrastructure?

A. Qualitative risk assessment

B. Quantitative risk assessment

C. Configuration management

D. Change management

7. What is the first step in the general risk management model?

A. Asset identification

B. Threat assessment

C. Impact determination and quantification

D. Residual risk management

8. Which event is an example of a tangible impact?

A. Breach of legislation or regulatory requirements

B. Loss of reputation or goodwill (brand damage)

C. Endangerment of staff or customers

D. Breach of confidence

9. If you have a farm of five web servers and two of them break, what is the exposure factor (EF)?

A. 0 percent

B. 20 percent

C. 40 percent

D. 100 percent

10. Which term refers to the path or tool used by an attacker to attack a target?

A. Baseline monitor

B. Threat vector

C. Configuration scanner

D. Target actor

Solutions

Expert Solution

1) True; Because the person can only take the control in his hand in order to prevent and also able to make changes that will be effective as well.

2) False; For the intangible impact, assigning financial value to it is not easy because it will also affect the financial sector as well

3) True; all risk should be controlled otherwise it will affect the business continuity.

4) a) Risk; Risk is the term that refers to possibility of suffering harm or loss. Because risk can damage the whole infrastructure data and brings loss to the business.

5)d) Management has decided against deploying a module that increases risk.; Risk transfer is basically the transferring the risk from one to another here in this option management is against deployed module which increase the risk.

6c) configuration management is mostly deals with the configuration of the IT infrastructure and configuration management also looks after modification of the infrastructure as well.

7c) Impact determination and quantification. This is the first step of the model because in the step the impact are determined and the risk are calculated.

8b) Loss of reputation or goodwill (brand damage) is an example of tangible impact as it mostly deals with the reputation of the business and even budget of the project.

9c) EF = 40% because two of the web server failed out of 5.

10b) threat vector is used to refer to the path that is used by attackers to attack a target.


Related Solutions

true or false: 1. in order to lose one pound of body fat, a person need...
true or false: 1. in order to lose one pound of body fat, a person need to exercise for 3500 second 2. the EER includes the amount of physical activity you engage in as compared to the BMR which is simply a calculation of calories needed to sustain life. 3. BMI is an indication of overall cholesterol and glucose levels
TRUE OR FALSE WITH REASONS. If one person has all the income and everyone else has...
TRUE OR FALSE WITH REASONS. If one person has all the income and everyone else has none, the Gini ratio is zero.               Answer: Reason
Genetic testing is only done if a person has symptoms of a disease. True False
Genetic testing is only done if a person has symptoms of a disease. True False
Stakeholders are owners with majority control. True or False?
Stakeholders are owners with majority control. True or False?
True or False questions and brief explanation for each question: 1. A person that chooses the...
True or False questions and brief explanation for each question: 1. A person that chooses the alternative that has the highest Expected Value, when risk is involved, violates the assumptions of expected utility maximisation. ? True ? False 2. An expected utility maximizer with u(x) = log(x) rejects all fair gambles (i.e. those with an expected value of zero). ? True ? False 3. Prospect Theory can explain the Ellsberg Paradox. ? True ? False 4. Sophisticated Quasi-Hyperbolic Discounters behave...
Decide which of the following statements are true and which are false. 1. In order for...
Decide which of the following statements are true and which are false. 1. In order for two separate 1.0 L samples of O2(g) and H2(g) to have the same average velocity, the H2(g) sample must be at a higher temperature than the O2(g) sample. 2. At constant temperature, the heavier the gas molecules, the smaller the average kinetic energy. 3. As temperature decreases, the average kinetic energy of a sample of gas molecules increases. 4. At constant temperature, the lighter...
1. True or False: An economic model must be realistic in order to be useful.   ...
1. True or False: An economic model must be realistic in order to be useful.                                   True                  False                  2. Does the following set of production possibilities demonstrate the law of increasing costs?             Good #1        Good #2                 120                0                 100                10                 60                    20                     0                30                                   Yes           No           Not enough information to determine                  3. Which ONE of the following is NOT one of the 6 foundation principles of economics?                                   People respond to incentives           People are rational           There is no such thing...
Answer true or false with a sentence or two explanation. 1. In order to construct a...
Answer true or false with a sentence or two explanation. 1. In order to construct a confidence interval estimate of the population mean, the value of the population mean is needed. 2. A confidence interval is an interval estimate for which there is a specified degree of certainty that the actual value of the population parameter will fall within the interval. 3. The larger the confidence level used in constructing a confidence interval estimate of the population mean, the narrower...
True or False 1. In an audit of internal control over financial reporting, if the auditor...
True or False 1. In an audit of internal control over financial reporting, if the auditor identifies only one material weakness, the auditor is required to issue an adverse opinion on the effectiveness of the client's internal control over financial reporting. 2. The auditor's client outsources parts of its accounting functions to an independent service provider. The auditor plans to reduce control risk for transactions processed and balances maintained by the service provider. A. Because the service provider is independent...
True or False: 1. An employee works under the control of an employer, so an employment...
True or False: 1. An employee works under the control of an employer, so an employment contract is not necessary to define the relationship of the employee to the employer. 2. A federal statue provides members of a labor union the right to collective bargaining. 3. The FMLA entitles an eligible employee to 12 weeks of unpaid leave, but an employment contract may provide that the employer will pay the employee during 12 weeks of paid leave. 4. Both the...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT