The probability that a specific vulnerability within an organization will be successfully attackedThe risk that remains to an information asset even after an existing control has been appliedA means to target a specific vulnerabilityThreat agentStandardHackerTrojan horseLikelihoodResidual riskExploit
The process used to identify and then control risks to an organization’s information assetsA segment of code that performs malicious actionsQuestion 41 / 1 ptsA(n) ____ is an object, person, or other entity that is a potential risk of loss to an asset.threatintellectual propertyTrojan horsepayloadQuestion 51 / 1 ptsA(n) ____ is an investigation and assessment of the impact that various attacks can have on the organization.business impact analysis (BIA)Risk managementVirus
business continuity analysis (BCA)incident response analysis (IRA)threat analysisQuestion 61 / 1 ptsA ____ attack seeks to deny legitimate users access to services by either tying up a server’s available resources or causing it to shut down.DoSspywareTrojan horsesocial engineeringQuestion 71 / 1 ptsInformation assets have ____ when authorized users - persons or computer systems - are able to access them in the specified format without interference or obstruction.
risk assessmentintegrityavailabilityconfidentialityQuestion 81 / 1 ptsA(n) ____________________ is defined as a “flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or violation of the system’s security policy.”Question 91 / 1 ptsA ____ is a document that describes how, in the event of a disaster, critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site.business continuity planincident response planvulnerability
risk assessment plandisaster recovery planQuestion 101 / 1 ptsFor the purpose of making relative risk assessments, we can say that ____________________ equals the likelihood of a vulnerability occurring times thevalue (or impact) of that asset to the organization minus thepercentage of risk that is already being controlled plus an element of uncertainty.
Upload your study docs or become a
Course Hero member to access this document
Upload your study docs or become a
Course Hero member to access this document
End of preview. Want to read all 59 pages?
Upload your study docs or become a
Course Hero member to access this document