What is the process of evaluating IT assets, their importance to the organization, and their
susceptibility to threats, to measure the risk exposure of these assets?
a. Risk management
b. Risk assessment
c. Security
d. None of the above

Answer :

b. Risk assessment

Related questions

Description : What consists of the identification of risks or threats, the implementation of security measures, and the monitoring of those measures for effectiveness? a. Risk management b. Risk assessment c. Security d. None of the above

Last Answer : a. Risk management

Description : In simple terms, what does risk assessment ask? a. What can go wrong? b. How likely is it to go wrong? c. What are the possible consequences if it does go wrong? d. All of the above

Last Answer : d. All of the above

Description : Which one is not a server level threat? a. Malicious code b. CGI threats c. Database threats d. Buffer overflows

Last Answer : a. Malicious code

Description : Which one is a communication channel threat? a. Sniffer programs b. Cyber vandalism c. Integrity threats d. All of the above

Last Answer : d. All of the above

Description : Who protects system from external threats? a. firewall b. EDI c. ERP d. Script kiddies

Last Answer : a. firewall

Description : ______ is an act that poses danger to computer assets. a. Threat b. Danger c. Error d. None of the above

Last Answer : a. Threat

Description : Which of the following is the primary characteristic of an intranet? a. People outside the organization can access it b. People inside the organization can't access it c. People outside the organization can't access it d. None of the above

Last Answer : c. People outside the organization can't access it

Description : What charts (1) the cost to your organization of the unavailability of information and technology and (2) the cost to your organization of recovering from a disaster over time? a. Disaster recovery plan b. Hot site c. Cold site d. Disaster recovery cost curve

Last Answer : d. Disaster recovery cost curve

Description : What is an intranet that is restricted to an organization and certain outsiders, such as customers and suppliers? a. Client/server network b. Intranet c. Extranet d. Thin client

Last Answer : c. Extranet

Description : The main aim of a project risk management process should be to: a. identify project risks and then manage them appropriately. b. identify all project risks and transfer them immediately. c ... are threats or opportunities on a project. d. satisfy the organization's project management process.

Last Answer : a. identify project risks and then manage them appropriately.

Description : The main aim of a project risk management process should be to: a. identify project risks and then manage them appropriately. b. identify all project risks and transfer them immediately. ... are threats or opportunities on a project. d. satisfy the organisation's project management process.

Last Answer : a. identify project risks and then manage them appropriately.

Description : During E‐commerce transaction we should ensure ______ a. Integrity b. Security c. Confidentiality d. All the above

Last Answer : d. All the above

Description : Which one is a communication channel security protocol? a. SSL b. S‐HTTP c. SET d. ALL OF THE ABOVE

Last Answer : d. ALL OF THE ABOVE

Description : Which one is not used as a security mechanism? a. Encryption b. Cryptography c. Wallets d. Digital signature

Last Answer : c. Wallets

Description : What checks out your computer or network for potential weaknesses? a. Encryption b. Public key encryption c. Security‐auditing software d. None of the above

Last Answer : c. Security‐auditing software

Description : What looks for people on the network who shouldn't be there or who are acting suspiciously? a. Encryption b. Public key encryption c. Intrusion‐detection software d. Security‐auditing software

Last Answer : c. Intrusion‐detection software

Description : What is an encryption system that uses two keys: a public key that everyone can have and a private key for only the recipient? a. Encryption b. Public key encryption c. Intrusion‐detection software d. Security‐auditing software

Last Answer : b. Public key encryption

Description : What scrambles the contents of a file so you can't read it without having the right decryption key? a. Encryption b. Intrusion‐detection software c. Security‐auditing software d. All of the above

Last Answer : a. Encryption

Description : What is an internal organizational Internet that is guarded against outside access by a special security feature called a firewall (which can be software, hardware, or a combination of the two)? a. Client/server network b. Intranet c. Extranet d. Thin client

Last Answer : b. Intranet

Description : A combination of software and information designed to provide security and information for payment is called a what? a. digital wallet b. pop up ad c. shopping cart d. encryption

Last Answer : a. digital wallet

Description : Which of the following is not related to security mechanism? a. encryption b. decryption c. e‐cash d. all the above

Last Answer : c. e‐cash

Description : Which of the following is a useful security mechanism when considering business strategy and IT? a. encryption b. decryption c. firewall d. all the above

Last Answer : d. all the above

Description : The main purpose of the Project Management Plan is to: a. provide justification for undertaking the project in terms of evaluating the benefit, cost and risk of alternative options. b. ensure ... the project. d. document the outcome of the risk, change and configuration management processes.

Last Answer : c. document the outcomes of the planning process and provide the reference document for managing the project.

Description : The main purpose of the Project Management Plan is to: a. provide justification for undertaking the project in terms of evaluating the benefit, cost and risk of alternative options. b ... managing the project. d. document the outcome of the risk, change and configuration management processes.

Last Answer : c. document the outcomes of the planning process and provide the reference document for managing the project.

Description : What is a set of conditions used to measure how well a product or system functions? a. Flexibility b. Performance c. Capacity planning d. Benchmark

Last Answer : d. Benchmark

Description : All of the following statements are true regarding risk events except which one? Choose the least correct answer. A. Project risks are uncertain events. B. If risks occur, they can ... that have more perceived rewards to the organization than the consequences of the risk should be accepted.

Last Answer : C. Unknown risks are threats to the project objectives, and nothing can be done to plan for them.

Description : If some other nation had clandestine organizations working on US soil to capture or eliminate citizens or legal foreign nations on belief they were criminals or security threats, would the US view this organization as criminal or terrorist?

Last Answer : First, this isn't an 'IF' question. It almost assuredly is truly happening today. Second, I think that the underlying question is how and what they are doing. Terror is generally described as activities ... nowadays in the name of 'national security'. We do not live in a moral or fair world.

Description : Role of security auditor is to ____________ a) secure the network b) probe for safety and security of organization’s security components and systems c) detects and prevents cyber attacks and threats to organization d) does penetration testing on different web applications

Last Answer : b) probe for safety and security of organization’s security components and systems

Description : Which is not a function of ERP? a. Human resource management b. financial c. warehousing d. None of the above

Last Answer : d. None of the above

Description : What are plastic cards the size of a credit card that contain an embedded chip on which digital information can be stored? a. Customer relationship management systems cards b. E‐government identity cards c. FEDI cards d. Smart cards

Last Answer : d. Smart cards

Description : Project risk management is best described as: a. managing responses to threats. b. identifying and acknowledging threats and opportunities. c. planning responses to threats. d. minimising threats and maximising opportunities.

Last Answer : d. minimising threats and maximising opportunities.

Description : Which of the following should the auditors normally interview as part of their assessment of fraud risk? a. Senior management b. Audit committee c. Various employees whose duties financial reporting responsibilities d. All of the given choices

Last Answer : All of the given choices

Description : Auditors would normally interview all but which of the following individuals as part of their assessment of fraud risk? a. Senior management b. Audit committee c. Various employees whose duties do not include normal financial reporting responsibilities d. All of the above

Last Answer : All of the above

Description : What is the process of making a copy of the information stored on a computer? a. Backup b. Anti‐virus c. Firewall d. Biometrics

Last Answer : a. Backup

Description : What describes a process of continuously measuring results and comparing those results to optimal performance so that actual performance may be improved? a. Performance b. Capacity planning c. Benchmarking d. Data cleansing

Last Answer : c. Benchmarking

Description : Which process is used to reinstall data from a copy when the original data has been lost? a. backup b. recovery c. benchmarking d. data cleansing

Last Answer : b. recovery

Description : Which process can prevent data from loss due to computer problems or human errors? a. backup b. recovery c. benchmarking d. data cleansing

Last Answer : a. backup

Description : Which service encompasses all technologies used to transmit and process information on and across a network? a. Interoperability b. Scalability c. Benchmarking d. Web services

Last Answer : d. Web services

Description : What defines all of the steps or business rules, from beginning to end, required for a process to run correctly? a. Workflow b. EIP c. Workflow system d. SLA

Last Answer : a. Workflow

Description : What is a detailed process for recovering information or an IT system in the event of a catastrophic disaster such as a fire or flood? a. Disaster recovery plan b. Hot site c. Cold site d. Disaster recovery cost curve

Last Answer : a. Disaster recovery plan

Description : What is the process in which a buyer posts its interest in buying a certain quantity of items, and sellers compete for the business by submitting successively lower bids until there is only one seller left? a. B2B marketplace b. Intranet c. Reverse auction d. Internet

Last Answer : c. Reverse auction

Description : In the United States, the units of measure for the potential biological risk associated with exposure to ionizing radiation are the rem and millirem. What comparable units are used in the metric system?

Last Answer : ANSWER: SIEVERTS or MILLISIEVERTS

Description : Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation. Opportunities to misappropriate assets increase due to the following except: a. Inventory items that ... which are small in size, marketable, or lacking observable identification of ownership.

Last Answer : Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation. Opportunities to misappropriate assets increase due to the following except: a. Inventory items that ... which are small in size, marketable, or lacking observable identification of ownership.

Description : Following is (are) the component(s) of risk management (A)Risk Assessment (B)Risk Control (C)Risk Ranking (D)All of the above

Last Answer : (D)All of the above

Description : In the preparation of an audit program, which of the following items is not essential? a. Assessment of inherent risk b. The preparation of a budget identifying the costs of resources needed c. A review of material from prior audits d. An understanding of controls established by management

Last Answer : The preparation of a budget identifying the costs of resources needed

Description : Which of the following statements concerning analytical procedures is true? a. Analytical procedures are more efficient, but not more effective, than tests of details of transactions. ... usually involve comparisons of ratios developed from recorded amounts with ratios developed by management

Last Answer : Analytical procedures used as risk assessment procedures use data aggregated at a high level.

Description : Risk assessment procedures include the following, except a. Analytical procedures. b. Confirmation of accounts receivable c. Observation and inspection. d. Inquiries of management

Last Answer : Confirmation of accounts receivable

Description : Which of the following is not an assurance engagement? a. Risk Assessment Service b. Information System Reliability Service c. Business Performance Measurement d. Management Consulting Service

Last Answer : Management Consulting Service

Description : Environmental impact assessment includes (a) Environmental statement (b) Environmental management plan (c) Risk and hazard assessment and mitigation (d) All of the above

Last Answer : (d) All of the above