SANS Security's Foundation
The elements of the CIA are - Answer: Confidentiality, Integrity, Availability
Which role always has ultimate responsibility for security in an organization? - Answer: Senior Manager
What is the goal of most Cyber Threats today? - Answer: Make money for the attacker
What is the name of the role with primary responsibility for data? - Answer: Data Owner
What role is responsible for implementing controls on data? - Answer: Data Custodian
The term due care means that senior management has a legal responsibility to - Answer: Act as a reasonable person would act in protecting assets
Who in the organization determines if risk is acceptable? - Answer: Chief Executive Officer (CEO)
The term Exposure Factor means - Answer: The percentage of asset value loss
The term Single Loss Expectancy means - Answer: What it costs each time a threat materializes
The formula to arrive at Annual Loss Expectancy is - Answer: Annual Rate of Occurrence * Single Loss Expectancy
The formula to arrive at Single Loss Expectancy is - Answer: Asset Value * Exposure Factor
Which approach to Risk Assessment is based on money? - Answer: Quantitative
Which approach to Risk Assessment is based on severity and likelihood? - Answer: Qualitative
Of the three control areas, which deals with authentication? - Answer: Technical Controls
Of the three control types, which deals with authentication? - Answer: Preventive
Which Risk Strategy deals with stopping risky activities or business practices? - Answer: Risk Avoidance