J. Risks Objectives

Question 1

What a strategy describes

Answer 1

How goal and objectives are to be met.

Question 2

What inputs to consider before developing objectives

Answer 2

Risk assessments and Threat assessments.

Question 3

Why a risk assessment

Answer 3

To reveal risks present in the organization.

Question 4

Result of risk assesement

Answer 4

Provides a strategist with valuable information on the types of resources required to bring risks down to an acceptable levels.

Question 5

Why performing a threat assessment

Answer 5

To better understand relevant threats.

Question 6

Result of threat assessment

Answer 6

Gives the strategist information about the types of threats most likely to have an impact on the organization, regardless of the effectiveness of controls.

Question 7

Why performing a threat assessment provides an additional perspective on risk

Answer 7

Because a threat assessment focuses on external threats and threat scenarios, regardless of the presence or effectiveness of preventive or detective controls.

Question 8

Security policy

Answer 8

Is thought of as an organization’s internal laws and regulations with regard to the protection of important assets.

Question 9

Security Standards

Answer 9

Describes in detail the methods, techniques, technologies, specifications, brands, and configurations to be used throughout the organization.

Question 10

Guidlines

Answer 10

Provides more details on how to adhere to policies.

Question 11

Organization’s achitechture

Answer 11

Documentation of systems, networks, data flows and other aspects of its environments.

Question 12

Technical debt

Answer 12

Poor design and

outdated and unsupported components

Question 13

When is technical debt accumulated

Answer 13

When organizations lack personnel capable of creating good architectural designs and also when an organization fails to upgrade end-of-life components.

Question 14

Last Page

Answer 14

81 - Control