Which of the following will be the GREATEST concern when assessing the risk profile of an organization?

• A.The risk profile was developed without using industry standards.
• B.The risk profile was not updated after a recent incident
• C.The risk profile was last reviewed two years ago.
• D.The risk profile does not contain historical loss data.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST effective way to incorporate stakeholder concerns when developing risk scenarios?

• A.Conducting internal audits
• B.Establishing key performance indicators (KPIs)
• C.Evaluating risk impact
• D.Creating quarterly risk reports

Comment: *

Name: *

Email: *

Verification: *

What should a risk practitioner do FIRST when vulnerability assessment results identify a weakness in an application?

• A.Recommend a penetration test.
• B.Analyze key performance indicators (KPIs).
• C.Review regular control testing results.
• D.Assess the risk to determine mitigation needed.

Comment: *

Name: *

Email: *

Verification: *

A business unit is updating a risk register with assessment results for a key project. Which of the following is MOST important to capture in the register?

• A.Action plans to address risk scenarios requiring treatment
• B.The team that performed the risk assessment
• C.An assigned risk manager to provide oversight
• D.The methodology used to perform the risk assessment

Comment: *

Name: *

Email: *

Verification: *

You are the administrator of your enterprise. Which of the following controls would you use that BEST protects an enterprise from unauthorized individuals gaining access to sensitive information?

• A.Monitoring and recording unsuccessful logon attempts
• B.Forcing periodic password changes
• C.Using a challenge response system
• D.Providing access on a need-to-know basis

Comment: *

Name: *

Email: *

Verification: *