Practice Questions
-
Question 1 of 10
1. Question
A risk manager is planning a first-ever risk assessment in an organization. What is the best approach for ensuring success?
Correct
The best approach for success in an organization's risk management program, and during risk assessments, is to have support from executive management. Executives need to define the scope of the risk management program, whether by business unit, geography, or other means.
-
Question 2 of 10
2. Question
A security manager has completed a vulnerability scan and has identified numerous vulnerabilities in production servers. What is the best course of action?
Correct
Most organizations don't put individual vulnerabilities into a risk register. The risk register is primarily for strategic issues, not tactical issues such as individual vulnerabilities. However, if the vulnerability scan report was a sign of a broken process or broken technology, then that matter of brokenness might qualify as a valid risk register entry.
-
Question 3 of 10
3. Question
The concept of security tasks in the context of a SaaS or IaaS environment is depicted in a:
Correct
The shared responsibility model, sometimes known as a shared responsibility matrix, depicts the operational model for SaaS and IaaS providers, where customer organizations have some security responsibilities (such as end-user access control) and service provider organizations have some security responsibilities (such as physical access control).
-
Question 4 of 10
4. Question
The categories of risk treatment are:
Correct
The four categories of risk treatment are risk mitigation (where risks are reduced through a control or process change), risk transfer (where risks are transferred to an external party such as an insurance company or managed services provider), risk avoidance (where the risk-producing activity is discontinued), and risk acceptance (where management chooses to accept the risk).
-
Question 5 of 10
5. Question
Which of the following recovery objectives is associated with the longest allowed period of service outage?
Correct
Recovery time objective is the maximum period of time from the onset of an outage until the resumption of service.
-
Question 6 of 10
6. Question
When would it make sense to spend $50,000 to protect an asset worth $10,000?
Correct
Ordinarily it would not make sense to spend $50,000 to protect an asset worth $10,000. But sometimes there are other considerations, such as revenue realization or reputation damage, that can be difficult to quantify.
-
Question 7 of 10
7. Question
A security manager has been directed by executive management to not document a specific risk in the risk register. This course of action is known as:
Correct
The refusal of an organization to formally consider a risk is known as ignoring the risk. This is not a formal method of risk treatment because of the absence of deliberation and decision-making. It is not a wise business practice to keep some risk matters “off the books.”
-
Question 8 of 10
8. Question
A security manager has developed a scheme that prescribes required methods to be used to protect information at rest, in motion, and in transit. This is known as a(n):
Correct
An information classification policy is a statement that defines two or more classification levels for information, along with procedures and standards for the protection of information at each classification level for various use cases such as storage in a database, storage on a laptop computer, transmission by mail, and storage on backup media.
-
Question 9 of 10
9. Question
A security manager is developing a strategy for making improvements to the organization's incident management process. The security manager has defined the desired future state. Before specific plans can be made to improve the process, the security manager should perform a:
Correct
When the desired end state of a process or system is determined, a gap analysis must be performed so that the current state of the process or system can also be known. Then, specific tasks can be performed to reach the desired end state of the process.
-
Question 10 of 10
10. Question
What is usually the primary objective of risk management?
Correct
The most common objective of a risk management program is the reduction in the number and severity of security incidents.