Irm Quiz - Information Risk Management
(216).jpg "Irm Quiz - Information Risk Management")
Information Risk Management (IRM) is a form of risk minimization through policies, procedures, and technology which reduce the threat of cyber attacks from vulnerabilities and bad data security and from third-parties. Wanna learn new things about the topic or revise it? Take the following quiz!
- 1.It is risk to the existence or profit of the organization and may or may not have information security significance.
- A.
Strategic Risk
- B.
Tactical Risk
- C.
Operational Risk
- 2.It is risk to the information security program’s ability to mitigate relevant strategic risk to information.
- A.
Strategic Risk
- B.
Tactical Risk
- C.
Operational Risk
- 3.It is concerned with the ability to implement the tactical risk-based control objectives. Such risk includes budget, timelines, and technologies.
- A.
Strategic Risk
- B.
Tactical Risk
- C.
Operational Risk
- 4.Is providing a feedback mechanism is use for continuous process improvement, true or false?
- A.
True
- B.
False
- 5.Not included as Risk Management Process
- A.
Set Scope
- B.
Address Risk
- C.
Measure Performance
- D.
Quality Assurance
- 6.[Blank] are negative events that occur when a vulnerability or weakness is exploited.
- 7.Threat forecasting examines multiple information sources or sensors. Th reat sensors may include
- A.
Regulatory noncompliance
- B.
Technical Vulnerabilities
- C.
Program Reviews
- 8.Risk assessments look at the ability of the information security program to identify and mitigate relevant strategic risk to information.
- A.
Strategic Assessment
- B.
Option Operational Assessment
- C.
Tactical Assessment
- 9.Is Technical vulnerability assessments are an example of a specifically focused type of operational risk assessment true or false?
- A.
True
- B.
False
- 10.Is a risk assessment framework does not allows both organization of thought and recognition of relationships among this diverse collection of threats and vulnerabilities, true or false?
- A.
True
- B.
False
- 11.Three attributes of Probability
- A.
Frequency
- B.
Velocity
- C.
Simplicity
- D.
Motive
- 12.It is the impact successful execution of the event would cause the organization.
- 13.Is risk may be transferred to someone with a higher risk tolerance, for example, an insurance company, true or false?
- A.
True
- B.
False
- 14.Controls are controls that can weigh cost versus benefits.
- A.
Out of Control
- B.
Mandatory controls
- C.
Discretionary controls
- 15.These are controls that must be implemented to mitigate specific risks.
- A.
Out of Control
- B.
Mandatory controls
- C.
Discretionary controls
- 16.The treatment plan should be comprehensive and should document all necessary information about (thick at least three options)
- A.
Resource requirements
- B.
Performance measures
- C.
Reporting and monitoring requirements
- D.
Set up risk reduction
- 17.Is an important responsibility of the action plan owner is to identify requirements and procure necessary resources to implement the plan, true or false?
- A.
True
- B.
False
- 18.Is Program metrics typically does not measure process effectiveness true or false?
- A.
True
- B.
False
- 19.In Control Attributes, controls in this context may be seen to have two independent attributes, maturity and weight, true or false?
- A.
True
- B.
False
- 20.A process-based approach is nonrepeatable, nondefensible, and non-extensible, offering metrics to optimize efficiency and effectiveness while reducing risk to an acceptable level, true or false?
- A.
True
- B.
False
Questions: 10 | Attempts: 32252 | Last updated: Nov 24, 2021
-
Sample QuestionWhat are the types of managers associated with specific areas within the organization? (Select all that apply)
Questions: 10 | Attempts: 17775 | Last updated: Oct 25, 2021
-
Sample QuestionCPM is:
Questions: 30 | Attempts: 17245 | Last updated: May 12, 2021
-
Sample QuestionYou can classify that a child aged 2 years has fast breathing if he has a respiratory rate of
Back to top