You work as a project manager for SoftTech Inc. You are working with the project stakeholders to begin the qualitative risk analysis process. Which of the following inputs will be needed for the qualitative risk analysis process in your project?
Each correct answer represents a complete solution. (Choose three.)

• A.Project scope statement
• B.Cost management plan
• C.Risk register
• D.Organizational process assets

Correct Answer: A,C,D

Explanation/Reference:
Explanation:
The primary goal of qualitative risk analysis is to determine proportion of effect and theoretical response.
The inputs to the Qualitative Risk Analysis process are:
Organizational process assets

Project Scope Statement

Risk Management Plan

Risk Register

Incorrect Answers:
B: The cost management plan is the input to the perform quantitative risk analysis process.

Comment: *

Name: *

Email: *

Verification: *

Which of the following helps ensure compliance with a nonrepudiation policy requirement for electronic transactions?

• A.Digital signatures
• B.One-time passwords
• C.Digital certificates
• D.Encrypted passwords

Comment: *

Name: *

Email: *

Verification: *

Which of the following IS processes provide indirect information?
Each correct answer represents a complete solution. Choose three.

• A.Post-implementation reviews of program changes
• B.Security log monitoring
• C.Problem management
• D.Recovery testing
• E.Explanation:
  Security log monitoring, Post-implementation reviews of program changes, and Problem management provide indirect information. Security log monitoring provide indirect information about certain controls in the security environment, particularly when used to analyze the source of failed access attempts. Post-implementation reviews of program changes provide indirect information about the effectiveness of internal controls over the development process. Problem management provide indirect information about the effectiveness of several different IS processes that may ultimately be determined to be the source of incidents.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration when sharing risk management updates with executive management?

• A.Relying on key risk indicator (KRI) data
• B.Including trend analysis of risk metrics
• C.Ensuring relevance to organizational goals
• D.Using an aggregated view of organizational risk

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be considered a vulnerability?

• A.Server downtime due to a denial of service (DoS) attack
• B.Authorized administrative access to HR files
• C.Corruption of files due to malware
• D.Delayed removal of employee access

Comment: *

Name: *

Email: *

Verification: *