
Identifying & Assessing Cybersecurity Risks Chapter Exam

Exam Instructions:

Choose your answers to the questions and click 'Next' to see the next set of questions. You can skip questions if you would like and come back to them later with the yellow "Go To First Skipped Question" button. When you have completed the practice exam, a green submit button will appear. Click it to see your results. Good luck!

Page 1

1. _____ is a general term used to describe many types of bad software.

2. _____, such as installing unlicensed software or clicking on links in untrusted emails, may create a computer security risk.

3. Which of the following is NOT a purpose of the qualitative risk analysis?

4. What is used as a benchmark during the qualitative risk analysis?

5. Which of the following behaviors is a signal of a high risk appetite?

Page 2

6. What is the main difference between risk appetite and risk tolerance?

7. Which of the following is NOT a benefit of setting a risk appetite?

8. What is risk appetite?

9. How does risk tolerance describe the risk that an organization is willing to take on?

10. How is risk tolerance usually presented?

Page 3

11. What is the first step in developing a risk assessment?

12. What factors do we use to score our risks?

13. Which of the following is NOT a purpose of the risk identification process?

14. Where are the outputs of the risk identification process documented?

15. What are the four elements of SWOT analysis?

Page 4

16. Where are identified risks documented?

17. Which is the best definition of risk?

18. Which of the following is an example of inherent risk?

19. How often should you manage the risks in your plan?

20. Which statement is an input for the risk management plan process?

Page 5

21. In IT risk management, what is the consequence of a risk occurring?

22. What is another term for positive risks in IT risk management?

23. Which of the following is NOT true of risk tolerance?

24. Which of the following best describes risk acceptance?

25. Both _____ and _____ need to be updated regularly to protect our computers from new viruses and vulnerabilities.

Page 6

26. Which risk characteristics are evaluated during the qualitative risk analysis?

27. Which of the following risk tolerances corresponds to the highest risk appetite?

28. Which of the following statements about risk appetite is FALSE?

29. Which of the following is an example of a risk threshold?

30. What kinds of events should be addressed?


Computer Science 331: Cybersecurity Risk Analysis Management  /  Computer Science Courses