MIDTERM EXAM 1 to 20 Flashcards
What is the primary goal of risk management?
To minimize potential losses
Which is NOT a step in the risk management process?
Risk elimination
A risk that has a high probability of occurrence and a high potential impact
High-risk
A risk response strategy that involves taking steps to reduce the probability or impact of a risk
Risk mitigation
Transferring risk to a third party, such as an insurance company, is an example o
Risk transference
A qualitative risk assessment focuses on
Subjective judgments to assess risk
A quantitative risk assessment involves:
Assigning numerical values to risk factors
Which risk management tool visually represents the potential impact and likelihood of risks?
Risk matrix
A contingency plan is developed to
Respond to unexpected events
Continuous monitoring and review of risks is essential to
- Identify new risks
- Assess the effectiveness of risk controls
- Update risk assessments
ALL OF THE ABOVE
The primary goal of security planning
To minimize the impact of security incidents
This is NOT a key component of a comprehensive security plan
Employee training
The primary purpose of a risk assessment
To identify and assess potential threats and vulnerabilities
A security principle that emphasizes limiting authorized individuals’ access to information and resources
Least privilege
What is a vulnerability in the context of security?
A weakness in a system that can be exploited