
Answer Key

APPENDIX A

CHAPTER 1 Risk Management Fundamentals

1. D 2. B 3. A 4. A and C 5. intangible value 6. control 7. B 8. D 9. CVE 10. A 11. CBA, or cost-benefit analysis 12. transfer 13. A, B, and C 14. D 15. C

CHAPTER 2 Managing Risk: Threats, Vulnerabilities, and Exploits

1. D 2. A 3. B 4. C 5. D 6. C 7. B 8. A 9. A 10. E 11. A 12. C 13. C 14. the MITRE Corporation 15. A

CHAPTER 3 Understanding and Maintaining Compliance

1. C 2. D 3. A 4. C 5. B 6. A 7. D 8. A 9. C 10. A 11. B 12. C 13. D 14. 5 15. D

CHAPTER 4 Developing a Risk Management Plan

1. E 2. E 3. D 4. C 5. B 6. A 7. A and B 8. B 9. D 10. A 11. C 12. A 13. C 14. B 15. C

CHAPTER 5 Defining Risk Assessment Approaches

1. E 2. Exposure factor (EF) 3. B 4. quantitative 5. C 6. A 7. B 8. qualitative 9. quantitative 10. B 11. quantitative 12. qualitative 13. D 14. A and B 15. E

CHAPTER 6 Performing a Risk Assessment

1. C 2. E 3. E 4. B 5. D 6. A 7. administrative 8. technical 9. physical 10. C 11. A 12. B 13. B 14. C 15. B

CHAPTER 7 Identifying Assets and Activities to Be Protected

1. A 2. B 3. E 4. E 5. job 6. E 7. C 8. A 9. D 10. mission-critical 11. B 12. A 13. B 14. C 15. A

CHAPTER 8 Identifying and Analyzing Threats, Vulnerabilities, and Exploits

1. natural 2. A 3. C 4. A, B, C, and D 5. D 6. vulnerability 7. C 8. C 9. A 10. D 11. access controls 12. D 13. A 14. C 15. A

CHAPTER 9 Identifying and Analyzing Risk Mitigation Security Controls

1. control, or countermeasure 2. A 3. C 4. B 5. D 6. access 7. C 8. C 9. A 10. D 11. certificate authority (CA) 12. D 13. A 14. B 15. B

CHAPTER 10 Planning Risk Mitigation Throughout an Organization

1. business impact analysis (BIA) 2. B 3. C 4. B 5. D 6. $22 million; 4 percent 7. C 8. C 9. D 10. B 11. A 12. C 13. A 14. B 15. B

CHAPTER 11 Turning a Risk Assessment into a Risk Mitigation Plan

1. in-place 2. A 3. Threat × Vulnerability 4. E 5. A 6. mitigation 7. E 8. C 9. C 10. B 11. A 12. C 13. C 14. F 15. B

CHAPTER 12 Mitigating Risk with a Business Impact Analysis

1. maximum acceptable outage (MAO) 2. B 3. business continuity plan (BCP) 4. D 5. C and D 6. indirect 7. D 8. C 9. B 10. C 11. B 12. A 13. D 14. D 15. B

CHAPTER 13 Mitigating Risk with a Business Continuity Plan

1. BCP, or business continuity plan 2. B 3. scope 4. C 5. D 6. BCP coordinator 7. A 8. C 9. D 10. B 11. A 12. C 13. C 14. A, B, and D 15. A

CHAPTER 14 Mitigating Risk with a Disaster Recovery Plan

1. disaster recovery plan (DRP) 2. A 3. B 4. critical success factor (CSF) 5. D 6. D 7. off-site 8. A 9. C 10. B 11. C 12. D 13. B 14. D 15. B

CHAPTER 15 Mitigating Risk with a Computer Incident Response Team Plan

1. computer incident or computer security incident 2. B 3. denial of service (DoS) or distributed DoS (DDoS) 4. B 5. D 6. D 7. C 8. B 9. D 10. C 11. B 12. B 13. E 14. C 15. a Trojan horse
