quiz 18 csia – Savvy Essay Writers

The risk treatment option of applying controls to reduce risk is known as:

Question options:

	Risk Modification or Mitigation
	Risk Retention or Acceptance
	Risk Avoidance or Elimination
	Risk Sharing or Transfer

View Feedback

Question 2

0 / 4 points

The risk treatment option of deliberately operating without applying one of the other treatment options available is known as

Question options:

	Risk Retention or Acceptance
	Risk Avoidance or Elimination
	Risk Modification or Mitigation
	Risk Sharing or Transfer

View Feedback

Question 3

4 / 4 points

A security policy must be so written that it can be understood by

Question options:

	The CEO
	Its Target Audience
	The Security Team
	The CISO

View Feedback

Question 4

4 / 4 points

These are created by various third-party organizations and are designed to provide a framework to assist organizations in building their information security program

Question options:

	Policies
	Standards
	Procedures
	Laws

View Feedback

Question 5

4 / 4 points

Residual risk is defined as

Question options:

	Risk that remains after controls are implemented
	Risk from a 3rd party vendor
	Risk that is harmless
	The total risk that exists

View Feedback

Question 6

4 / 4 points

Compliance is the act of conforming to:

Question options:

	Laws
	All stated requirements
	Contracts
	Policies

View Feedback

Question 7

0 / 4 points

The risk treatment option of reassigning accountability for a risk to another entity or organization is known as

Question options:

	Risk Sharing or Transfer
	Risk Retention or Acceptance
	Risk Modification or Mitigation
	Risk Avoidance or Elimination

View Feedback

Question 8

4 / 4 points

These exist to guide the processes of identifying, treating, and monitoring information security risks in an organization.

Question options:

	Security Operations Centers
	Security Policies
	Risk Management Frameworks
	Threat Intelligence Feeds

View Feedback

Question 9

0 / 4 points

Controls are implemented to:

Question options:

	Develop Processes
	Change Policies
	Mitigate Risks
	Provide Data

View Feedback

Question 10

4 / 4 points

__________ is a central repository where risks and risk treatments are stored and regularly reviewed.

Question options:

	Quantitative Assessment
	Risk Registry
	Qualitative Assessment
	Risk Treatment Plan

View Feedback

Question 11

0 / 6 points

If you were CISO of a company that primarily does business with the U.S. government and had to design an information security program which framework would be most appropriate?

Question options:

	HITRUST Common Security Framework (CSF)
	NIST 800 series
	ISO 27001
	PCI DSS

View Feedback

Question 12

0 / 6 points

What financial tool would a CISO use to ensure that the cost of security controls cannot exceed the value of the information or assets being protected?

Question options:

	Return on Investment (ROI)
	Net Present Value (NPV)
	Internal Rate of Return (IRR)
	Cost Benefit Analysis (CBA)

View Feedback

Question 13

0 / 6 points

Which of the following articles has the least impact on the development of an organization’s information security policies, standards, and procedures?

Question options:

	Best practices
	Standards
	Regulations
	Laws

View Feedback

Question 14

0 / 6 points

Governance, Risk, and _______ are the 3 things that account for nearly half of a CISO’s time.

Question options:

	Vendor Management
	Compliance
	Training
	Audits

View Feedback

Question 15

6 / 6 points

If a risk would cause $800,000 in damages and $200,000 in clean-up costs and the likelihood of the risk manifesting is 5%, what would be the Annual Loss Expectation?

Question options:

	$1 million
	$800,000
	$200,000
	$50,000

View Feedback

Question 16

0 / 10 points

The maturity of an organization influences governance which influences the governance of the information security program. What size company would be more likely to have a higher level of maturity?

Question options:

	Small
	None of the listed choices are correct.
	Large
	Medium

View Feedback

Question 17

0 / 10 points

How would you demonstrate an organization’s commitment to adhere to legal and regulatory requirements?

Question options:

	Implementing controls to mitigate risk.
	Audit findings.
	A properly written security policy.
	Develop appropriate security procedures.

View Feedback

Question 18

0 / 10 points

In the case of business leadership choosing an alternate risk treatment than what the CISO recommended, what position does the CISO take?

Question options:

	The CISO should support the decision and ensure the risk treatment is implemented.
	The CISO should conduct another risk analysis to ensure the risk treatment recommended is the most appropriate.
	The CISO should refuse to implement the alternate risk treatment
	The CISO should shift from being an advisor to advocate for the recommended risk treatment.

#write essay #research paper #blog writing #article writing #academic writer #reflective paper #essay pro #types of essays #write my essay #reflective essay #paper writer #essay writing service #essay writer free #essay helper #write my paper #assignment writer #write my essay for me #write an essay for me #uk essay #thesis writer #dissertation writing services #writing a research paper #academic essay #dissertation help #easy essay #do my essay #paper writing service #buy essay #essay writing help #essay service #dissertation writing #online essay writer #write my paper for me #types of essay writing #essay writing website #write my essay for free #reflective report #type my essay #thesis writing services #write paper for me #research paper writing service #essay paper #professional essay writers #write my essay online #essay help online #write my research paper #dissertation writing help #websites that write papers for you for free #write my essay for me cheap #pay someone to write my paper #pay someone to write my research paper #Essaywriting #Academicwriting #Assignmenthelp #Nursingassignment #Nursinghomework #Psychologyassignment #Physicsassignment #Philosophyassignment #Religionassignment #History #Writing #writingtips #Students #universityassignment #onlinewriting #savvyessaywriters #onlineprowriters #assignmentcollection #excelsiorwriters #writinghub #study #exclusivewritings #myassignmentgeek #expertwriters #art #transcription #grammer #college #highschool #StudentsHelpingStudents #studentshirt #StudentShoe #StudentShoes #studentshoponline #studentshopping #studentshouse #StudentShoutout #studentshowcase2017 #StudentsHub #studentsieuczy #StudentsIn #studentsinberlin #studentsinbusiness #StudentsInDubai #studentsininternational