- All Exams Instant Download
Which of the following statements best defines information security risk?
Which of the following statements best defines information security risk?A . The potential that threats will exploit vulnerabilities of an information asset and cause harm to an organizationB . Weakness of an asset or control that can be exploited by one or a group of threatsC . Potential cause of...
Is this a good practice?
Scenario 1 The risk assessment process was led by Henry, Bontton’s risk manager. The first step that Henry took was identifying the company’s assets. Afterward, Henry created various potential incident scenarios. One of the main concerns regarding the use of the application was the possibility of being targeted by cyber...
According to ISO 31000, which of the following is a principle of risk management?
According to ISO 31000, which of the following is a principle of risk management?A . DynamicB . QualitativeC . ReliabilityView AnswerAnswer: A Explanation: According to ISO 31000, a principle of risk management is that it should be dynamic. This means that risk management practices should be flexible and able to...
What did Henry identify in this case?
Scenario 1 The risk assessment process was led by Henry, Bontton’s risk manager. The first step that Henry took was identifying the company’s assets. Afterward, Henry created various potential incident scenarios. One of the main concerns regarding the use of the application was the possibility of being targeted by cyber...
Based on scenario 2, has Travivve defined the responsibilities of the risk manager appropriately?
Scenario 2: Travivve is a travel agency that operates in more than 100 countries. Headquartered in San Francisco, the US, the agency is known for its personalized vacation packages and travel services. Travivve aims to deliver reliable services that meet its clients’ needs. Considering the impact of information security in...
Which information security principle does Bontton want to ensure in this case?
Scenario 1 The risk assessment process was led by Henry, Bontton’s risk manager. The first step that Henry took was identifying the company’s assets. Afterward, Henry created various potential incident scenarios. One of the main concerns regarding the use of the application was the possibility of being targeted by cyber...
Based on scenario 2, the team decided to involve interested parties in risk management activities. Is this a good practice?
Scenario 2: Travivve is a travel agency that operates in more than 100 countries. Headquartered in San Francisco, the US, the agency is known for its personalized vacation packages and travel services. Travivve aims to deliver reliable services that meet its clients’ needs. Considering the impact of information security in...
