MIDTERM EXAM 1 to 20 Flashcards

1
Q

What is the primary goal of risk management?

A

To minimize potential losses

2
Q

Which of these is NOT a step in the risk management process?

A

Risk elimination

3
Q

A risk that has a high probability of occurrence and a high potential impact

A

High-risk

4
Q

A risk response strategy that involves taking steps to reduce the probability or impact of a risk

A

Risk mitigation

5
Q

Transferring risk to a third party, such as an insurance company, is an example o

A

Risk transference

6
Q

A qualitative risk assessment focuses on

A

Subjective judgments to assess risk

7
Q

A quantitative risk assessment involves:

A

Assigning numerical values to risk factors

8
Q

Which risk management tool visually represents the potential impact and likelihood of risks?

A

Risk matrix

9
Q

A contingency plan is developed to

A

Respond to unexpected events

10
Q

Continuous monitoring and review of risks is essential to

A
  • Identify new risks
  • Assess the effectiveness of risk controls
  • Update risk assessments

ALL OF THE ABOVE

11
Q

What is the primary goal of security planning?

A

To minimize the impact of security incidents

12
Q

Which of these is NOT a key component of a comprehensive security plan?

A

Employee training

13
Q

What is the primary purpose of a risk assessment?

A

To identify and assess potential threats and vulnerabilities

14
Q

A security principle that emphasizes limiting authorized individuals’ access to information and resources

A

Least privilege

15
Q

What is a vulnerability in the context of security?

A

A weakness in a system that can be exploited

16
Q

A common security control used to protect information assets

A
  • Encryption
  • Firewalls
  • Intrusion detection systems

ALL OF THE ABOVE

17
Q

What is the purpose of an incident response plan?

A

To respond to security incidents in a timely and effective manner

18
Q

The key principle of incident response

A
  • Contain the incident as quickly as possible
  • Investigate the root cause of the incident
  • Eradicate the threat

ALL OF THE ABOVE

19
Q

What is the role of a security awareness program?

A

To educate employees about best practices for security

20
Q

What is a common social engineering technique attackers use?

A

Phishing