Security Quiz

Which of the following statement accurately describes risk?

-If compromised, medium-risk asset may cause some damage to an organization's rep. -Assets with SPII, PII or intellectual property are examples -Determining whether a risk is low, medium, or high depends on the threat and the asset involved.

Which of the following examples are key focus areas of the security and risk management domain?

-Secure digital and physical assets -Define security goals and objectives -Mitigate risk

What term describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans?

Business continuity

How does security control testing enable companies to identify new and better ways to mitigate threats?

By examining organizational goals and objectives By evaluating whether the current controls help achieve goals

Fill in the blank:Security posture refers to an organizations ability to react to_____and manage its defense of critical assets and data.

Change

A business experiences an attack, As a result, a major news outlet reports on it. What type of consequence does this have for the business?

Damage to reputation

According to the concept shared responsibility, how can an organization reduce and maintain security?

Ensure all employees take an active role in the process

A security analyst verifies users and monitors employees' login attempts. The goal is to keep the business's assets secure. Which security domain does this scenario describe?

Identity and access management

In the RMF(risk management framework), which steps being aware of how systems are operating?

Implement (step 4)

Fill in the blank. The software development______process may involve penetration during the deployment and implementation phase of developing software products.

Life cycle