31.
What is a primary goal of security in an organization?
  • A. Eliminate risk
  • B. Mitigate the possibility of the use of malware
  • C. Enforce and maintain the AIC objectives
  • D. Maintain the organization's network operations
Answer : [C]
Explanation :
Option A is incorrect because eliminating risk is only part of a primary goal of security. Options B and D are incorrect because they are not primary goals of security.
32.
Which of the following provides the best description of risk reduction?
  • A. Altering elements of the enterprise in response to a risk analysis
  • B. Mitigating risk to the enterprise at any cost.
  • C. Allowing a third party to assume all risk for the enterprise
  • D. Paying all costs associated with risks with internal budgets
Answer : [A]
Explanation :
Option A is correct because risk reduction alters elements throughout the enterprise to minimize the ability of a threat to exploit a vulnerability. Option B is incorrect. It is impossible to remove all risks. Option C is incorrect because it is one of four potential treatments for risk. Option D is incorrect because the organization accepts all the possible risks.
33.
Which group represents the most likely source of an asset being lost through inappropriate computer use?
  • A. Crackers
  • B. Employees
  • C. Hackers
  • D. Flood
Answer : [B]
Explanation :
Option B is correct because the most likely source of an asset being lost is internal theft. Options A and C are external threats. Option D is also an external threat that might cause a denial-of-service attack.
34.
Which of the following statements is not accurate?
  • A. Risk is identified and measured by performing a risk analysis.
  • B. Risk is controlled through the application of safeguards and countermeasures.
  • C. Risk is managed by periodically reviewing the risk and taking responsible actions based on the risk.
  • D. All risks can be totally eliminated through risk management
Answer : [D]
Explanation :
Options A, B, and C are correct statements. Option D is wrong because risk cannot be completely eliminated.
35.
Which option most accurately defines a threat?
  • A. Any vulnerability in an information technology system
  • B. Protective controls
  • C. Multilayered controls
  • D. Possibility for a source to exploit a specific vulnerability
Answer : [D]
Explanation :
Option A is incorrect because a weakness is a vulnerability. Option B is incorrect because a threat is not a protective control. Option C is incorrect because a threat is not a multilayer control.