TRUE/FALSE Show
1. A control classified as preventative has to be known by aperson in order to be effective. 2. For an intangible impact, assigning a financial value of theimpact is easy. 3. All risks need to be mitigated or controlled. Multiple choice 4. Which term refers to the possibility of suffering harm orloss? A. Risk B. Hazard C. Threat vector D. Threat actor 5. Which action is an example of transferring risk? A. Management purchases insurance for the occurrence of therisk. B. Management applies controls that reduce the impact of anattack. C. Management has decided to accept responsibility for the riskif it does happen. D. Management has decided against deploying a module thatincreases risk. 6. Which term refers to ensuring proper procedures are followedwhen modifying the IT infrastructure? A. Qualitative risk assessment B. Quantitative risk assessment C. Configuration management D. Change management 7. What is the first step in the general risk managementmodel? A. Asset identification B. Threat assessment C. Impact determination and quantification D. Residual risk management 8. Which event is an example of a tangible impact? A. Breach of legislation or regulatory requirements B. Loss of reputation or goodwill (brand damage) C. Endangerment of staff or customers D. Breach of confidence 9. If you have a farm of five web servers and two of them break,what is the exposure factor (EF)? A. 0 percent B. 20 percent C. 40 percent D. 100 percent 10. Which term refers to the path or tool used by an attacker toattack a target? A. Baseline monitor B. Threat vector C. Configuration scanner D. Target actor Which term refers to the ability to distribute the processing load over two or more systems?Multiprocessing is the use of two or more central processing units (CPUs) within a single computer system. The term also refers to the ability of a system to support more than one processor or the ability to allocate tasks between them.
Which infection method involves planting malware on a Web site that the victim employees will likely visit?Spear phishing makes the victim user open an email attachment or click on a link to make him download a malicious file, like malware or virus, or to make the victim visit a malicious site where the attacker can steal sensitive or confidential information related to the user.
Which term refers to the predicted average time that will elapse before failure or between failures of a system?Mean time to failure (or mean time between failures) The predicted average time that will elapse before failure (or between failures) of a system (generally referring to hardware components). Mean time to restore (or mean time to recovery)
What tool is the protocol standard for collecting metadata on network traffic flow?NetFlow is a protocol used to collect metadata on IP traffic flows traversing a network device. Developed by Cisco Systems, NetFlow is used to record metadata about IP traffic flows traversing a network device such as a router, switch, or host.
|
If you have a farm of five web servers and two of them break, what is the exposure factor (ef)?
Urheberrechte © © 2024 ketiadaan Inc.
