Help
Options
Question
Asset value x exposure factor =
click to flip
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't know
Question
A control may also be called a(n) ____________________ or a(n) ____________________.
Remaining cards (24)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Computer Security-20
Chapter 20
| Question | Answer |
|---|---|
| Asset value x exposure factor = | (SLE) Single Loss Expectancy |
| A control may also be called a(n) ____________________ or a(n) ____________________. | Countermeasure, Safeguard |
| When a threat exploits a vulnerability, you experience an ____________ | Impact |
| Single loss expectancy × annualized rate of occurrence = ____________________. | Annualized loss expectancy |
| If you reduce the likelihood of a thread occurring, you__________ a risk. | Control |
| The ____________________ measures the magnitude of the loss of an asset. | Exposure factor |
| Risk analysis is synonymous with____________ | Quantitative Risk Assessment |
| Any circumstance or event with the potential to cause harm to an asset is a____________________. | Threat |
| The characteristics of an asset that can be exploited by a thread to cause harm are it's___________ | Vulnerability |
| ____________ is the overall decision‐making process of identifying threats and vulnerabilities and their potential impacts, determining the costs tomitigate such events, and deciding what cost‐effective actions need to be taken tocontrol these risks. | Risk management |
| Qualitative risk management - | The process of SUBJECTIVELY determining the impact of an event that affects a project, program or business |
| Which of the following correctly defines risk? | The possibility of suffering harm or loss. |
| Single loss expectancy (SLE) can best be defined by which of the following equations | SLE= asset value x exposure factor |
| Which of the following correctly defines annualized rate of occurrence? | On an annualized basis, the frequency with which an event is expected to occur. |
| Which of the following is a technology risk? | Business continuity management |
| The Basel Committee defines operational risk as which of the following? | Risk from disruption by people, systems, processes, or disasters. |
| Which of the following is not an asset? | Equipment failure (Hardware, inventory and cash are business assets) |
| Which of the following would be the calculated single loss expectancy (SLE)? | SLE = $1 million. |
| Which of the following would be the calculated annual loss expectancy (ALE)? | ALE = $20,000 |
| When discussing qualitative risk assessment versus quantitative risk assessment, which of the following is true? | It is impossible to conduct a purely quantitative risk assessment, but it ispossible to conduct a purely qualitative risk assessment. |
| Which of the following correctly defines RESIDUAL RISKS? | The risks still remaining after an iteration of risk management |
| Which of the following is a technology risk? | Security and Privacy. |
| Which the following statements about risk is true? | The risk itself doesn't really change. However actions can be taken to reduce the impact of the risk. |
| Which of the following correctly defines a Gantt chart? | A management tool for diagramming schedules events and activity duration. |
| Which of the following is NOT a viable option when dealing with risk? | A manager can take action to INCREASE risk |
Created by:
ryanparnelltcc1