Business Quiz: Key Principle Of Risk Management Programs

10 Questions | Total Attempts: 237

Risk management is an area of knowledge that most managers are expected to understand to a certain level. Effective risk management ensures the continuity of a business's operations. Risk management programs rest on several vital principles. Test your understanding of those principles by taking the quiz below, and share it with the rest of your classmates.


Questions and Answers
  • 1. What is a key principle of risk management programs?
    • A. Security controls should be protected through the obscurity of their mechanisms.
    • B. Don't spend more to protect an asset than it is worth.
    • C. Apply controls in ascending order of risk.
    • D. Risk avoidance is superior to risk mitigation.

  • 2. Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
    • A. Threat
    • B. Vulnerability
    • C. Risk
    • D. Impact

  • 3. Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?
    • A. Event
    • B. Outage
    • C. Incursion
    • D. Incident

  • 4. Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer?
    • A. Supervisory Control and Data Acquisition (SCADA)
    • B. Embedded
    • C. Mobile
    • D. Mainframe

  • 5. Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?
    • A. Quantitative
    • B. Financial
    • C. Qualitative
    • D. Objective

  • 6. Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?
    • A. 1 percent
    • B. 10 percent
    • C. 20 percent
    • D. 50 percent

  • 7. Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the single loss expectancy (SLE)?
    • A. 2,000
    • B. 20,000
    • C. 200,000
    • D. 2,000,000

  • 8. Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the annualized loss expectancy (ALE)?
    • A. 2,000
    • B. 20,000
    • C. 200,000
    • D. 2,000,000

  • 9. Purchasing an insurance policy is an example of the ____________ risk management strategy.
    • A. Reduce
    • B. Transfer
    • C. Accept
    • D. Avoid

  • 10. Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take?
    • A. Reduce
    • B. Transfer
