Which of the following activities must be completed BEFORE you can calculate risk?

• A.Calculating the risks to which assets are exposed in their current setting
• B.Assigning a value to each information asset
• C.Assessing the relative risk facing the organization's information assets
• D.Determining the likelihood that vulnerable systems will be attacked by specific threats

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a symmetric encryption algorithm?

• A.RSA
• B.ECC
• C.3DES
• D.MD5

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

• A.Need to transfer the risk associated with hosting PII data
• B.Need to comply with breach disclosure laws
• C.Fiduciary responsibility to safeguard credit card information
• D.Need to better understand the risk associated with using PII data

Comment: *

Name: *

Email: *

Verification: *

Within an organization's vulnerability management program, who has the responsibility to implement remediation actions?

• A.Data center manager
• B.System administrator
• C.Network architect
• D.Data owner

Comment: *

Name: *

Email: *

Verification: *

Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

• A.high risk-tolerance
• B.low risk-tolerance
• C.moderate risk-tolerance
• D.medium-high risk-tolerance

Comment: *

Name: *

Email: *

Verification: *