The Likelihood metric in risk assessment indicates:

The probability of a specific event occurring

How is 'annualized loss expectancy' (ALE) calculated?

Probability of Attack - Expected Loss

In the context of information security frameworks, what does 'COBIT' stand for?

Control Objectives for Information and Related Technology

Corporate Objectives for Balanced Insights and Trade-offs

Centralized Operational Benefits in Information Technology

Common Objectives for Business Integrity and Transparency

What does 'loss magnitude' represent in risk assessment?

The potential loss from a successful attack

The actual financial loss due to a security breach

What is the annualized rate of occurrence (ARO)?

The number of threats expected to occur within a year

The total potential financial impact

The average duration of security events

The total number of vulnerabilities

Cost-benefit analysis (CBA) in risk management seeks to:

Justify the cost of controls against potential risks

Eliminate the need for further assessments

Increase the organization’s workforce

The term 'exposure factor' (EF) is best defined as:

Percentage of asset loss due to a threat

A factor that quantifies return on investment

The cost associated with deploying a safeguard

Which of the following is a major undertaking of the risk management process?

Risk identification, risk assessment, and risk control.

Risk management, risk assessment, and risk control.

Risk control, risk management, and risk assessment.

Risk identification, risk assessment, and risk mitigation.

Why do organizations need to identify and understand their current information and systems?

To maintain confidentiality, integrity, and availability of information assets.

To protect information assets from internal threats.

To understand the threats facing the organization.

To protect information assets from external threats.

What is the "Know Yourself" step in risk management?

Identifying and understanding the current information and systems in the organization.

Identifying the threats facing the organization.

Determining which control options are cost-effective for the organization.

What are the three main categories of a data classification scheme?

Confidential, internal, external.

Sensitive, proprietary, public.

Employees, non-employees, public.

Information Assurance and Security Final Term Quiz 1 Quiz

30 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

What term describes the potential for loss or damage when a threat exploits a vulnerability?

Impact

Weakness

Risk

Threat

2.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

When assessing risk, what does 'asset value' refer to?

Cost of the asset

Importance of the asset to the organization

Market price of the asset

Depreciation of the asset

3.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

What does the term 'threat' mean in risk management?

A potential occurrence or event that could exploit a vulnerability and cause harm.

A weakness or a flaw in a system, a process, or a piece of code that can potentially be exploited by an attacker

A type of vulnerability

A potential impact of exploiting a vulnerability, causing harm to an organization, individual, or asset.

4.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

In the context of information security, a vulnerability is:

A potential threat

A weakness that can be exploited

A type of attack

An organizational policy

5.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is NOT a type of risk control strategy?

Mitigation

Acceptance

Transfer

Ignore

6.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is NOT a step in the risk management process?

Risk identification

Risk avoidance

Risk assessment

Risk control

7.

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

What is the first step in risk management?

Risk assessment

Risk control

Risk identification

Risk mitigation

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

Algorithms are not magic - AQA A Level Computer Science

Quiz

•

8th Grade - University

26 questions

Typescript class 02

Quiz

•

University

25 questions

Ulangan Harian XII AIJ TKJ

Quiz

•

University

25 questions

security+ (601)

Quiz

•

9th Grade - Professio...

25 questions

Atividade sobre Modelos de Processo de Software

Quiz

•

University

25 questions

SDN & VMWare

Quiz

•

University

25 questions

Module 3 - Security Architecture

Quiz

•

University

25 questions

DEL Test

Quiz

•

University

Popular Resources on Wayground

10 questions

Factors 4th grade

Quiz

•

4th Grade

10 questions

Cinco de Mayo Trivia Questions

Interactive video

•

3rd - 5th Grade

13 questions

Cinco de mayo

Interactive video

•

6th - 8th Grade

20 questions

Math Review

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

Discover more resources for Computers

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

20 questions

Disney Trivia

Quiz

•

University

24 questions

5th Grade Math EOG Review

Quiz

•

KG - University

14 questions

Reading- SC Ready Practice

Quiz

•

5th Grade - University

25 questions

APUSH Decades Review

Quiz

•

9th Grade - University

40 questions

Famous Logos

Quiz

•

7th Grade - University

44 questions

Repaso - La Calaca Alegre (whole book) [Twist]

Quiz

•

9th Grade - University

14 questions

(5-3) 710 Mean, Median, Mode & Range Quick Check

Quiz

•

6th Grade - University

Information Assurance and Security Final Term Quiz 1

What term describes the potential for loss or damage when a threat exploits a vulnerability?

When assessing risk, what does 'asset value' refer to?

What does the term 'threat' mean in risk management?

In the context of information security, a vulnerability is:

Which of the following is NOT a type of risk control strategy?

Which of the following is NOT a step in the risk management process?

What is the first step in risk management?

What does risk management aim to reduce?

What type of data classification is considered the most sensitive?

It is a model that quantitatively assesses the severity of a cyberthreat using a scaled rating system that assigns numerical values to risk categories

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers