Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Practice Questions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
A hazard director is arranging a first-ever chance evaluation in an organization. What is the leading approach for guaranteeing victory?
Correct
The leading approach for victory in an organization’s chance management program, and amid hazard appraisals, is to have back from executive management. Administrators ought to characterize the scope of the hazard management program, whether by commerce unit, topography, or other implies.
Incorrect
The leading approach for victory in an organization’s chance management program, and amid hazard appraisals, is to have back from executive management. Administrators ought to characterize the scope of the hazard management program, whether by commerce unit, topography, or other implies.
-
Question 2 of 10
2. Question
A security supervisor has completed a defenselessness check and has identified numerous vulnerabilities in generation servers. What is the leading course of action?
Correct
most organizations don’t put personal vulnerabilities into a risk register. The hazard enlist is basically for vital issues, not tactical issues such as person vulnerabilities. Be that as it may, on the off chance that the vulnerability scan report was a sign of a broken handle or broken technology, then that matter of brokenness might qualify as a substantial chance enroll passage
Incorrect
most organizations don’t put personal vulnerabilities into a risk register. The hazard enlist is basically for vital issues, not tactical issues such as person vulnerabilities. Be that as it may, on the off chance that the vulnerability scan report was a sign of a broken handle or broken technology, then that matter of brokenness might qualify as a substantial chance enroll passage
-
Question 3 of 10
3. Question
The concept of security errands within the setting of a SaaS or IaaS environment is delineated in a:
Correct
The shared duty show, in some cases known as a shared responsibility lattice, portrays the operational show for SaaS and IaaS providers where client organizations have a few security responsibilities (such as conclusion client get to control) and benefit supplier organizations have some security obligations (such as physical get to control).
Incorrect
The shared duty show, in some cases known as a shared responsibility lattice, portrays the operational show for SaaS and IaaS providers where client organizations have a few security responsibilities (such as conclusion client get to control) and benefit supplier organizations have some security obligations (such as physical get to control).
-
Question 4 of 10
4. Question
The categories of chance treatment are:
Correct
The four categories of hazard treatment are chance relief (where risks are decreased through control or prepare to alter), hazard exchange (where risks are exchanged to an outside party such as a protections company or managed administrations supplier), chance shirking (where the risk-producing activity is suspended), and chance acknowledgment (where administration chooses to acknowledge the hazard).
Incorrect
The four categories of hazard treatment are chance relief (where risks are decreased through control or prepare to alter), hazard exchange (where risks are exchanged to an outside party such as a protections company or managed administrations supplier), chance shirking (where the risk-producing activity is suspended), and chance acknowledgment (where administration chooses to acknowledge the hazard).
-
Question 5 of 10
5. Question
Which of the taking after recuperation destinations is related to the longest allowed period of a benefit blackout?
Correct
Recuperation time objective is the greatest period of time from the onset of an blackout until the resumption of servic
Incorrect
Recuperation time objective is the greatest period of time from the onset of an blackout until the resumption of servic
-
Question 6 of 10
6. Question
When would it make sense to spend $50,000 to ensure a resource worth $10,000?
Correct
Customarily it would not make sense to spend $50,000 to secure an asset worth $10,000. But now and then there are other contemplations, such as income realization or notoriety harm, that can be troublesome to quantify.
Incorrect
Customarily it would not make sense to spend $50,000 to secure an asset worth $10,000. But now and then there are other contemplations, such as income realization or notoriety harm, that can be troublesome to quantify.
-
Question 7 of 10
7. Question
Which of the taking after articulations is genuine approximately compliance risk?
Correct
In most cases, compliance hazard is fair another chance that must be understood. This incorporates the understanding of potential fines and other sanctions in connection to the costs required to reach a state of compliance. In some cases, in any case, being out of compliance can moreover result in reputation damage, as well as bigger sanctions on the off chance that the organization endures from a security breach since of the non-compliant state.
Incorrect
In most cases, compliance hazard is fair another chance that must be understood. This incorporates the understanding of potential fines and other sanctions in connection to the costs required to reach a state of compliance. In some cases, in any case, being out of compliance can moreover result in reputation damage, as well as bigger sanctions on the off chance that the organization endures from a security breach since of the non-compliant state.
-
Question 8 of 10
8. Question
A security controlling committee engaged to form chance treatment decisions has chosen to acknowledge a specific hazard. What is the leading course of activity?
Correct
A chance enlist thing that has been acknowledged ought to be retired and considered after a period of time, maybe one year. Usually distant better; a much better; a higher; a stronger; an improved”>a distant better option then closing the item permanently; in a year’s time, changes in business conditions, security dangers, and other contemplations may compel the organization to require distinctive activity.
Incorrect
A chance enlist thing that has been acknowledged ought to be retired and considered after a period of time, maybe one year. Usually distant better; a much better; a higher; a stronger; an improved”>a distant better option then closing the item permanently; in a year’s time, changes in business conditions, security dangers, and other contemplations may compel the organization to require distinctive activity.
-
Question 9 of 10
9. Question
A security supervisor has been coordinated by the official administration to not document a particular chance within the hazard enrollment. This course of activity is known as:
Correct
The refusal of an organization to formally consider a hazard is known as ignoring the chance. Typically not a formal strategy of a chance treatment since of the absence of consideration and decision-making. It isn’t an astute business practice to keep a few hazardous things “off the books.”
Incorrect
The refusal of an organization to formally consider a hazard is known as ignoring the chance. Typically not a formal strategy of a chance treatment since of the absence of consideration and decision-making. It isn’t an astute business practice to keep a few hazardous things “off the books.”
-
Question 10 of 10
10. Question
A security director has created a plot that endorses required methods are utilized to secure data at rest, in movement, and in transit. This is known as a(n):
Correct
A data classification arrangement may be an articulation that defines two or more classification levels for information, along with strategies and measures for the assurance of information at each classification for different utilize cases such as storage in a database, capacity on a tablet computer, transmissions by means of e-mail, and capacity on reinforcement media
Incorrect
A data classification arrangement may be an articulation that defines two or more classification levels for information, along with strategies and measures for the assurance of information at each classification for different utilize cases such as storage in a database, capacity on a tablet computer, transmissions by means of e-mail, and capacity on reinforcement media