CompTIA Security+ Textbook Chapter 1 Review Questions

17. Which of the following strategies involves understanding something about the enemy and letting them know the harm that can come their way if they cause harm to you? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference

C. Risk deterrence

16. Separation of duties helps to prevent an individual from embezzling money from a company. To embezzle funds successfully, an individual would need to recruit others to commit an act of ______ (an agreement between two or more parties established for the purpose of committing deception or fraud). A. misappropriation B. misuse C. collusion D. fraud

C. collusion

10. Which of the following strategies involves sharing some of the risk burden with someone else, such as an insurance company? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference

E. Risk transference

2. Consider the following scenario: The asset value of your company's primary servers is $2 million, and they are housed in a single office building in Anderson, Indiana. Field offices are scattered throughout the United States, but the workstations located at the field offices serve as thin clients and access data from the Anderson servers. Tornados in this part of the country are not uncommon, and it is estimated that one will level the building every 60 years. Which of the following is the SLE for this scenario? A. $2 million B. $1 million C. $500,000 D. $33,333.33 E. $16,666.67

A. $2 million

18. If you calculate SLE to be $25,000 and that there will be one occurrence every four years (ARO), then what is the ALE? A. $6,250 B. $12,500 C. $25,000 D. $100,000

A. $6,250

4. Refer to the scenario in question 2. Which of the following is the ARO for this scenario? A. 0.0167 B. 1 C. 5 D. 16.7 E. 60

A. 0.0167

20. Which of the following strategies necessitates an identified risk that those involved understand the potential cost/damage and agree to live with it? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference

A. Risk acceptance

7. Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control

A. Separation of duties

15. Which of the following policies describes how the employees in an organization can use company systems and resources, both software and hardware? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control

B. Acceptable use

6. Which of the following policy statements may include an escalation contact in the event that the person dealing with a situation needs to know whom to contact? A. Scope B. Exception C. Overview D. Accountability

B. Exception

5. Which of the following strategies involves identifying a risk and making the decision to discontinue engaging in the action? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference

B. Risk avoidance

19. Which of the following policies should be used when assigning permissions, giving users only the permissions they need to do their work and no more? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control

C. Least privilege

14. If you calculate the SLE to be $4,000 and that there will be 10 occurrences a year (ARO), then the ALE is: A. $400 B. $4,000 C. $40,000 D. $400,000

C. $40,000

11. The risk-assessment component, in conjunction with the business impact analysis (BIA), provides the organization with an accurate picture of the situation facing it. A. RAC B. ALE C. BIA D. RMG

C. BIA

9. Which of the following is the structured approach that is followed to secure a company's assets? A. Audit management B. Incident management C. Change management D. Skill management

C. Change management

1. You're the chief security contact for MTS. One of your primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task? A. Policies B. Standards C. Guidelines D. BIA

C. Guidelines

3. Refer to the scenario in question 2. Which of the following amounts is the ALE for this scenario? A. $2 million B. $1 million C. $500,000 D. $33,333.33 E. $16,666.67

D. $33,333.33

12. Which of the following policy statements should address who is responsible for ensuring that the policy is enforced? A. Scope B. Exception C. Overview D. Accountability

D. Accountability

8. What is the term used for events that were mistakenly flagged although they weren't truly events about which to be concerned? A. Fool's gold B. Non-incidents C. Error flags D. False positives

D. False positives

13. Which of the following strategies is accomplished any time you take steps to reduce risk? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference

D. Risk mitigation

