QUESTION 1 What is the goal or objective of an IT risk management plan?

QUESTION 1

1. What is the goal or objective of an IT risk management plan? 

1. To determine the cost of implementing countermeasures.
2. To analyze hacker threats to match those threats to found system vulnerabilities.
3. To assist organizations in handling risk management for their IT infrastructure and treat all unknown risks.
4. To automatically shut down Internet access if hacking activity is discovered in real-time.

8.00000 points  

QUESTION 2

1. Which of the choices below are NOT one of the five fundamental components of an IT risk management plan? 

1. Risk assessment
2. Risk discovery
3. Risk assessment
4. Risk monitoring

8.00000 points  

QUESTION 3

1. Risk planning is...

1. The process of using the cost-benefit analysis formulas to determine the greatest risk. 
2. The process of analyzing the impact of storm damage on a facility.
3. The process of anticipating risk assessment costs.
4. The process of organizing how to conduct risk management

8.00000 points  

QUESTION 4

1. Which step is to be done first in performing risk management:

1. Risk identification
2. Risk assessment
3. Risk response such as avoidance
4. Risk planning

8.00000 points  

QUESTION 5

1. Which choice below indicates the action of measuring or determining how significant a risk is?

1. Risk mitigation
2. Risk assessment
3. Risk transfer
4. Cost Benefit Analysis 

8.00000 points  

QUESTION 6

1. Which practice helps address risks? 

1. Risk assessment
2. Risk deployment
3. Risk response
4. Risk avoidance

8.00000 points  

QUESTION 7

1. What ongoing practice helps track risk in real time?

1. Risk monitoring
2. Confidentiality, integrity, and availability
3. Risk assessment
4. Risk determinant

8.00000 points  

QUESTION 8

1. True or False: Once all of the steps in risk management are completed (identification, assessment, response, monitoring) the task of risk management is finished.

1.  True
2.  False

8.00000 points  

QUESTION 9

1. Why is it a good idea to establish a risk management plan team?

1. Because the team will be instrumental in completing the cost benefit analysis
2. Because the team will be needed to convince the executive management to complete the risk management assessment.
3. Because a team is needed to maintain momentum and keep the company excited about completing the risk management plan.
4. Because the team must be able to cover all of the IT domains. The scope and boundary of an IT risk management plan can be very large.

8.00000 points  

QUESTION 10

1. Of the 7 IT domains, which domain is the most difficult to identify, assess, and monitor risk in?

1. Workstation domain
2. User domain
3. WAN domain
4. Systems/Applications domain

8.00000 points  

QUESTION 11

1. In the lab work, how did the risk identification and risk assessment of the identified risks, threats, and vulnerabilities help your IT risk management plan outline? 

1. Because the textbook tracts along with the lab manual
2. Because the table in step 13 pointed out 21 risks, threats, and vulnerabilities which identified risk and their impacts. Risk response must focus on immediate action where needed, followed by a plan for ongoing response.
3. Because risk response is based on the findings from vulnerability analysis in the last chapter.
4. It was no help. There is no correlation.

10.00000 points  

QUESTION 12

1. For each of the domains below, match the tools or techniques to help mitigate risk.

1. User domain
2. Remote access domain    
3. LAN-to-WAN domain
4. Workstation domain
5. System/Application domain

A.Audit HR files, implement web-filtering and email filtering

B.Implement VPN tunnels

C.Implement DMZ zone and IDS Intrusion Detection System

D.Automated and scheduled malware and anti-virus scanning

E.Access controls with timeout after three failed login attempts.

10.00000 points  

Click Save and Submit to save and submit. Click Save All Answers to save all answers.