Which two of the following are factors that must be considered in determining the likelihood of occurrence dur
Which two of the following are factors that must be considered in determining the likelihood of
occurrence during a risk analysis review?
Which of the following best describes the FRAP method of risk analysis?
After a security meeting, IT leaders decided that the organization will perform a completely new
risk analysis, as the previous one was done over five years ago. The methods that will be used is
FRAP. Which of the following best describes the FRAP method of risk analysis?
What is the ALE for this attack against this server?
Your organization assigns an Annual Loss Expectancy to assets during a risk analysis meeting.
You have a server which if down for a day will lose the company $35,000, and has a serious root
access attack against it once per month. What is the ALE for this attack against this server?
Which of the following best describes the Repair Model?
Which of the following best describes the Repair Model?
Which of the following has the stages of Risk Analysis in order, from a to e?
Which of the following has the stages of Risk Analysis in order, from a to e?
a. Management
b. Threat Assessment
c. Control Evaluation
d. Inventory
e. Monitoring
Which is considered to be the major factor in determining a specific control system to implement?
You have just recently finished a complete Risk Analysis of your organization. During your
presentation you present the controls you feel must be implemented. Which is considered to be
the major factor in determining a specific control system to implement?
Which of the following describes the concept of feasible protection of an asset?
During a discussion of asset classification and protection with a coworker, you realize that your
coworker does not know the basic concepts of asset protection. You are asked to describe the
types of asset protection. Which of the following describes the concept of feasible protection of an
asset?
Which of the following organizations defines the current standards of risk analysis methodologies?
To manage the risk analysis of your organization you must first identify the method of analysis to
use.
Which of the following organizations defines the current standards of risk analysis methodologies?
which of the following?
You are running a Linux machine as a dedicated file server for your network. You are trying to use
Nmap to perform some security tests. On your Linux machine, in order to run TCP SYN scans
from a host using Nmap or NmapFE you must have which of the following?
What type of program is in the network?
One of your users calls to state the their computer is acting unusual. You go to investigate and find
there is an unauthorized program installed on this computer. You examine the network and find
that this program has replicated itself to other machines in the network, without the input of the
user. What type of program is in the network?