Risk Management

Question: Generally, most risk management activities will consist of the following activities EXCEPT:

a. Control Identification
b. Target group awareness
c. Risk assessment
d. Control Implementation

Solution: Target group awareness

Question: Security policy and procedures on e-mail safety practice is an example of

a. Acceptance risk control
b. Avoidance risk control
c. Transference risk control
d. Mitigation risk control

Solution: Avoidance risk control

Question: Placing security camera around building that has valuable asset is an example of

a. Transference risk control
b. Acceptance risk control
c. Avoidance risk control
d. Mitigation risk control

Solution: Avoidance risk control

Question: Insuring the office building with fire insurance is example of

a. Avoidance risk control
b. Acceptance risk control
c. Transference risk control
d. Mitigation risk control

Solution: Transference risk control

Question: Hiring vendors to set up firewall and Intrusion Detection System to protect the server is an example of

a. Mitigation risk control
b. Transference risk control
c. Avoidance risk control
d. Acceptance risk control

Solution: Avoidance risk control

Question: The core consideration in a cost benefit analysis is:

a. weighing the pros and cons of implementing a risk control choices
b. selecting which vendor is the best to provide backup, security and insurance
c. giving monetary value to each of the asset that needs to be protected
d. identifying the risk, threat and vulnerabilities of each asset that needs to be analyzed

Solution: weighing the pros and cons of implementing a risk control choices

Question: The following scenario could be considered as an asset valuation component, EXCEPT

a. The amount of discount our client gets from black Friday's sale
b. Poor Internet connection effect the order tracking that comes in from the customer
c. The secret recipe to that makes up for our famous fried chicken
d. Heavy rain causes difficulty in delivering item to the customer

Solution: The amount of discount our client gets from black Friday's sale

Question: The correct order in a risk assessment activity is:

a. Asset - Vulnerability - Threat
b. Asset - Threat - Vulnerability
c. Threat - Vulnerability - Asset
d. Vulnerability - Asset - Threat

Solution: Asset - Threat - Vulnerability

Question: Providing cold site and hot site for important business transaction is an example of

a. Mitigation risk control
b. Transference risk control
c. Acceptance risk control
d. Avoidance risk control

Solution: Mitigation risk control

Question: If the cost from a risk occurrence could be absorbed by the organization, it is an example of

a. Avoidance risk control
b. Transference risk control
c. Mitigation risk control
d. Acceptance risk control

Solution: Acceptance risk control