Lecture 2-2

Question 1

What is the formula for calculating ROI in vulnerability management?

Answer 1

ROI = (Gain from Investment – Cost of Investment) * 100 / Cost of Investment

Question 2

VM governance: what is it’s role in an organization?

Answer 2

1. Helps in justifying the cost of security controls
2. Helps calculate ROI

Question 3

What is the significance of having a robust vulnerability management program?

Answer 3

It shows the security posture and lowers the risk [Probability*impact]

Question 4

What is the impact of failing to comply with regulatory standards?

Answer 4

Heavy fines/bans

Question 5

What is the purpose of security testing?

Answer 5

To check the effectiveness of your security controls regularly

Question 6

Who performs a security assessment?

Answer 6

a technical assessor

Question 7

Security Audits are performed by who

Answer 7

independent auditors

Question 8

What is the goal of implementing a vulnerability management program?

Answer 8

To effectively mitigate all the risks

Question 9

What does the term ‘security posture’ refer to?

Answer 9

The security strength of the organization

(Overall security status, ability to respond to threats)

Question 10

True or False: Vulnerability management only focuses on eliminating vulnerabilities.

Answer 10

False