During a disaster recovery planning session, a security administrator has been tasked with determining
which threats and vulnerabilities pose a risk to the organization. Which of the following should the
administrator rate as having the HIGHEST frequency of risk to the organization?

A.
Hostile takeovers

B.
Large scale natural disasters

C.
Malware and viruses

D.
Corporate espionage

Explanation:
The most common threat to an organization is computer viruses or malware. A computer can become
infected with a virus through day-to-day activities such as browsing web sites or emails. As browsing and
opening emails are the most common activities performed by all users, computer viruses represent the
most likely risk to a business.
Common examples of malware include viruses, worms, trojan horses, and spyware. Viruses, for example,
can cause havoc on a computer’s hard drive by deleting files or directory information. Spyware can gather
data from a user’s system without the user knowing it. This can include anything from the Web pages a
user visits to personal information, such as credit card numbers.
Incorrect Answers:
A: Hostile takeovers are when someone takes over a company by buying up the company’s shares. This is
a rare occurrence compared to computer viruses or malware. For most companies, a hostile takeover will
never happen.B: Large scale natural disasters obviously are bad for computer networks. However, they’re pretty rare.
They certainly don’t happen on a day-to-day basis. Computers becoming infected with a virus are much
more common.
D: Corporate espionage is a risk to any business. However, it doesn’t happen on a day-to-day basis.
Computers becoming infected with a virus are much more common.