CSIA 300 – Midterm Exam 2024 with Correct Answers
Within the realm of IT security, which of the following combinations best defines risk? -Answer- Threat coupled with a vulnerability

When determining the value of an intangible asset, which is the BEST approach? -Answer- With the assistance of a finance or accounting professional determine how much profit the asset has returned

Qualitative risk assessment is earmarked by which of the following? -Answer- Ease of implementation and it can be completed by personnel with a limited understanding of the risk assessment process

Single loss expectancy (SLE) is calculated by using: -Answer- Asset value and exposure factor

Consideration for which type of risk assessment to perform includes all of the following: -Answer- Culture of the organization, budget, capabilities and resources

Security awareness training includes: -Answer- Security roles and responsibilities for staff

What is the minimum and customary practice of responsible protection of assets that affects a community or societal norm? -Answer- Due care

Effective security management: -Answer- Reduces risk to an acceptable level

Availability makes information accessible by protecting from: -Answer- Denial of services, fires, floods, and hurricanes and unreadable backup tapes

Which phrase best defines a business continuity/disaster recovery plan? -Answer- The adequate preparations and procedures for the continuation of all organization functions

Which of the following steps should be performed first in a business impact analysis (BIA)? -Answer- Identify all business units within an organization

Tactical security plans are BEST used to: -Answer- Deploy new security technology

Who is accountable for implementing information security? -Answer- Security officer

Security is likely to be most expensive when addressed in which phase? -Answer- Implementation

Information systems auditors help the organization: -Answer- Identify control gaps

The Facilitated Risk Analysis Process (FRAP) -Answer- makes a base assumption that a narrow risk assessment is the most efficient way to determine risk in a system, business segment, application or process.

Setting clear security roles has the following benefits: -Answer- Establishes personal accountability, establishes continuous improvement and reduces turf battles
Written for
- Institution: CSIA
- Course: CSIA

Document information
- Uploaded on: January 29, 2024
- Number of pages: 8
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers