studyguide quiz1

studyguide quiz1

  • Submitted By: Stank
  • Date Submitted: 06/05/2015 7:13 PM
  • Category: Technology
  • Words: 487
  • Page: 2

Issc 363 Quiz1
1. Which of the following statements best describes risk?
The probability of loss of a valued resource

2. In which of the IT domains is a hub considered a major component of risk?

3. How does risk management impact an organization?
Affects the survivability

4. Which of the following is not a technique for dealing with vulnerabilities?
Cost-benefit analysis

5. Which of the following statements about threats is not accurate?
Threats can be eliminated completely

6. What would you most commonly do to reduce the potential risk from a threat/vulnerability pair?
Reduce the vulnerability

7. After implementing several security controls, what should be done to ensure the controls are performing as expected?
Continuous monitoring

8. What is the most common target of perpetrators initiating an exploit?
Public-facing servers

9. Which of the following is a U.S. organization that publishes the Special Publication 800 (SP 800) series of documents?

10. What U.S. organization routinely publishes free cybersecurity-related alerts and tips, and includes the ability to subscribe to e-mail alerts for cybersecurity topics?
NO **** Unknown—NOT CVE
NO *** DHS - NCSD - Cybersecurity and the National Cyber Alert System...
? - US- CERT*************************************************************************

11. Companies are expected to understand and abide by any laws that apply to them. What is this commonly called?

12. To which of the following would HIPAA apply?
Health insurance companies

13. What is the first step you would take when creating a HIPAA compliance plan?

14. Which agency enforces the Sarbanes-Oxley Act (SOX)?

15. To which of the following would SOX apply?
Publicly traded companies

16. Which of the following is not one of the objectives of a risk management plan?
Eliminate risk

17. Which...

Similar Essays