Risk Assessment & Vulnerability in Industrial Networks Chapter Exam

Exam Instructions:

Choose your answers to the questions and click 'Next' to see the next set of questions. You can skip questions if you would like and come back to them later with the yellow "Go To First Skipped Question" button. When you have completed the practice exam, a green submit button will appear. Click it to see your results. Good luck!

Page 1

Question 1 1. Which of the following can prevent cyber attacks stemming from weak login credentials?

Question 2 2. Why are unauthenticated protocols considered a vulnerability in industrial networks?

Question 3 3. Which of the following best defines a control system?

Question 4 4. A risk that will potentially affect the default user configurations is ranked as _____.

Question 5 5. A risk that can be relaunched without any special user rights needed will be ranked as _____.

Page 2

Question 6 6. An Information disclosure risk is _____.

Question 7 7. In IT risk management, _____ is calculated by multiplying a risk's probability score by its impact score.

Question 8 8. In IT risk management, which is not an opportunity response?

Question 9 9. In IT risk management, what is the consequence of a risk occurring?

Question 10 10. When a firm chooses not to pursue an activity for fear of a loss, they are practicing _____.

Page 3

Question 11 11. Risk management is the process of identifying and assessing risks, _____, implementing and evaluating controls to reduce the impact of risks.

Question 12 12. The process of determining a control's effectiveness at reducing or minimizing the risk is what stage of the risk management process?

Question 13 13. Which of the following is NOT true about Black Box Vulnerability Assessment?

Question 14 14. Which of the following is NOT true about White Box Vulnerability Assessment?

Question 15 15. Which of the following is NOT true about Gray Box Vulnerability Assessment?

Page 4

Question 16 16. Which of the following is NOT one of the risk management options given to management when they look for ways to manage risk?

Question 17 17. Which of the following statements best describes the correct managerial approach to risk?

Question 18 18. If management intentionally makes a bad decision to try and avoid issuing recall on their items, what type of risk will they be struggling with?

Question 19 19. Security patch installation is done in which of the elements of Quarantine?

Question 20 20. Which of the following allows only those devices that comply with the security policies of the network?

Page 5

Question 21 21. Which system keeps track of various software, hardware, network addresses, and related information in an organization's system?

Question 22 22. Which of the following is a broad term encompassing the various interconnected systems used in industrial processes?

Question 23 23. How do we classify the risks?

Question 24 24. In IT risk management, what is another term for negative risks?

Question 25 25. Insurance is a _____ type of risk control.

Page 6

Question 26 26. Which of the following is true about Vulnerability Assessment methods in ICS and SCADA systems?

Question 27 27. Which of the following is the definition used in this lesson for business risk?

Question 28 28. Which of the following is NOT the key part of patch management?

Question 29 29. Which of the following is NOT a type of vulnerability found in industrial networks?

Question 30 30. Risk ranking and classification are included in the risk management step known as _____.

Risk Assessment & Vulnerability in Industrial Networks Chapter Exam Instructions

Choose your answers to the questions and click 'Next' to see the next set of questions. You can skip questions if you would like and come back to them later with the yellow "Go To First Skipped Question" button. When you have completed the practice exam, a green submit button will appear. Click it to see your results. Good luck!

Computer Science 330: Critical Infrastructure Security  /  Computer Science Courses
Support