
Question


  1. Which of the following is a type of risk mitigation security control?

     1. Out-place controls
     2. Unplanned controls
     3. Planned controls
     4. Ad-hoc controls

  2. An organization is checking servers to ensure that unneeded services are disabled. What type of control is this?

     1. Corrective
     2. Detective
     3. Preventive
     4. Required

  3. An organization is implementing an intrusion detection system. What type of control is this?

     1. Corrective
     2. Detective
     3. Preventive
     4. Required

  4. An organization has created a comprehensive backup plan. What type of control is this?

     1. Corrective
     2. Detective
     3. Preventive
     4. Required

  5. Which of the following is an example of an administrative control?

     1. Policies and procedures
     2. Financial records
     3. System testing
     4. Audit

  6. What is required to ensure that employees are aware of security standards within an organization?

     1. Awareness training
     2. Technical controls
     3. Background checks
     4. Security policy

  7. An unauthorized user has gained access to data and viewed it. What has been lost?

     1. Confidentiality
     2. Availability
     3. Integrity
     4. Non-repudiation

  8. Which of the following best describes the keys used with asymmetric encryption techniques?

     1. 40-bit kit keys used for encryption and decryption
     2. Two keys known as a public key and a private key
     3. Two keys known as AES keys
     4. Two keys with asymmetric bit sizes

  9. Which of the following is used for identification and can be used for encryption?

     1. Certificate
     2. Certificate authority
     3. Digital signature
     4. Encryption key

  10. What is used to encrypt a digital signature?

     1. Sender’s public key
     2. Sender’s private key
     3. Recipient’s public key
     4. Recipient’s private key

  11. Risk mitigation planning starts with which of the following?

     1. Asset inventory
     2. Funding meeting
     3. Asset valuation
     4. Risk status

  12. Which of the following is not a valid consideration when planning risk mitigation?

     1. Potential loss of availability
     2. Potential loss of confidentiality
     3. Potential loss of costs
     4. Potential loss of integrity

  13. Identifying the criticality of business operations is a step in which of the following processes?

     1. Risk assessment
     2. Calculation of risk value
     3. Business impact analysis
     4. Cost-benefit analysis

  14. Which among the following determines the acceptable downtimes for critical business functions, processes, and IT service in a business impact analysis?

     1. Recovery time objective
     2. Disaster recovery plan
     3. Risk plan
     4. MAO

  15. In a business impact analysis, the loss of immediate sales and cash flow is an example of which of the following?

     1. Hidden costs
     2. Cost of doing business in a risky environment
     3. Direct cost
     4. Indirect cost

  16. Which of the following documents identifies an expected level of performance between organizations?

     1. Operational level agreement (OLA)
     2. Service level agreements (SLA)
     3. Shared Access agreement (SAA)
     4. All options are incorrect

  17. Of the following choices, what represents a function that is critical to an organization? If this fails, the organization will lose the ability to perform essential operations.

     1. Business impact analysis
     2. Business continuity plan
     3. Critical success factor
     4. Critical business function

  18. What device can filter Web page requests from users and only allow access to specific Web sites?

     1. Firewall
     2. Router
     3. Proxy server
     4. Spam filter

  19. Which of the following is a valid goal of a control or countermeasure?

     1. Eliminate risk
     2. Eliminate threats
     3. Eliminate vulnerabilities
     4. Reduce a vulnerability to an acceptable level

  20. Which of the following formulas can you use to determine the projected benefits of a control?

     1. R = T x V
     2. Loss before control – loss after control
     3. Loss after control – loss before control
     4. CBA – ROI

Step by Step Solution


Step: 1

The detailed answer for the above question is provided below.

Which of the following is a type of risk mitigation security control? Planned controls.

Planned controls are security measures that are part ...
