Chapter 1 Risk Management

Question 1

What is a threat in the context of business risk?

Answer 1

Anyone or anything threatening to grab any information

Threats can include external entities or internal vulnerabilities that pose a risk to the confidentiality, integrity, or availability of information.

Question 2

What is a vulnerability?

Answer 2

Weaknesses or gaps in our security that allows threats to access our assets.

Question 3

What is risk?

Answer 3

Risk is the potential for a threat to exploit a vulnerability and cause harm to our assets

None

Question 4

What is cybersecurity primarily about?

Answer 4

Understanding and protecting our assets

Assets can include data, networks, and systems.

Question 5

What is a key aspect of cybersecurity related to potential threats?

Answer 5

Recognizing risk

Risk recognition involves identifying potential threats to information security.

Question 6

What does cybersecurity aim to address in relation to systems and data?

Answer 6

Addressing vulnerabilities

Vulnerabilities are weaknesses that can be exploited by threats.

Question 7

What is the goal of cybersecurity in terms of risk management?

Answer 7

Minimizing the risk

This involves implementing strategies to reduce the likelihood of security breaches.

Question 8

What does the CIA Security Triad stand for?

Answer 8

Confidentiality, Integrity & Availability

Question 9

What is the primary purpose of the CIA Security Triad?

Answer 9

It is the backbone of cybersecurity.

Question 10

What does confidentiality ensure?

Answer 10

Data is only accessible to those who have the authority to view it.

Confidentiality is a key principle in information security.

Question 11

What does integrity ensure in data management?

Answer 11

Integrity ensures data remains unaltered and genuine.

Without integrity, systems and data can’t be trusted.

Question 12

What does availability ensure?

Answer 12

Systems, applications, and data are available and operational when needed.