You are the project manager of GHT project. You have implemented an automated tool to analyze and report on access control logs based on severity. This tool generates excessively large amounts of results.
You perform a risk assessment and decide to configure the monitoring tool to report only when the alerts are marked "critical". What you should do in order to fulfill that?

• A.Apply risk response
• B.Optimize Key Risk Indicator
• C.Update risk register
• D.Perform quantitative risk analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following will BEST quantify the risk associated with malicious users in an organization?

• A.Business impact analysis
• B.Threat risk assessment
• C.Vulnerability assessment
• D.Risk analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST helpful in determining the effectiveness of an organization's IT risk mitigation efforts?

• A.Assigning identification dates for risk scenarios in the risk register
• B.Reviewing key risk indicators (KRIS)
• C.Updating impact assessments for risk scenario
• D.Verifying whether risk action plans have been completed

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to determine whether new controls mitigate security gaps in a business system?

• A.Conduct a compliance check against standards.
• B.Perform a vulnerability assessment.
• C.Measure the change in inherent risk.
• D.Complete an offsite business continuity exercise.

Comment: *

Name: *

Email: *

Verification: *

Who is PRIMARILY accountable for risk treatment decisions?

• A.Risk owner
• B.Risk manager
• C.Business manager
• D.Data owner

Comment: *

Name: *

Email: *

Verification: *