addressing security and organization

addressing security and organization

1. What is the correct approach for addressing security and organization
objectives?
a. Security and organization objectives should be developed separately.
b. Security should drive organization objectives.
c. Security should support organization objectives.
d. The site security officer should approve or reject organization
objectives.
2. The statement, Ã¢â‚¬Å“Promote professionalism among information system
security practitioners through the provisioning of professional certification
and trainingÃ¢â‚¬Â is an example of a/an:
a. Mission statement
b. Objective
c. Goal
d. Requirement
3. The two components of risk management are:
a. Risk assessment and risk analysis
b. Vulnerability assessment and risk treatment
c. Risk assessment and risk mitigation
d. Risk assessment and risk treatment
4. A security manager needs to perform a risk assessment on a critical
business application in order to determine what additional controls may be
needed to protect the application and its databases. The best approach to
performing this risk assessment is:
a. Perform a qualitative risk assessment only
b. Perform a quantitative risk assessment only
c. Perform a qualitative risk assessment first, then perform a
quantitative risk assessment
d. Perform a quantitative risk assessment, then perform a qualitative risk
assessment
5. A qualitative risk assessment is used to identify:
a. Vulnerabilities, threats, and countermeasures
b. Vulnerabilities, threats, threat probabilities, and countermeasures
c. Assets, risks, and mitigation plans
d. Vulnerabilities and countermeasures

Computer Science Assignment Help, Computer Science Homework help, Computer Science Study Help, Computer Science Course Help

Answered

Other / Other

21 Mar 2016

Lost Password