4.3 Risk Management

You have conducted a risk analysis to protect a key company asset. You identify the following values: Asset value = 400 Exposure factor = 75 Annualized Rate of Occurrence = .25 What is the Annualized Loss Expectancy(ALE)?

Which of the following is NOT an acceptable countermeasure to strengthen a cryptosystem?

When analyzing assets, which analysis method assigns financial values to assets?

If an organizatin shows sufficient due care, which burden is eliminated in the event of a security breach?

You have conducted a risk analysis to protect a key company asset. You identify the following values: Asset value = 400 Exposure factor = 75 Annualized Rate of Occurence(ARO) = .25 Countermeasure A has a cost of 320 and will protect the asset for four years. Countermeasure B has an annual cost of 85. An insurance policy to protect the asset has an annual premium of 90. What should you do?

To determine the value of the company assets, an anonymous survey was used to collect the opinions of all senior and mid-level managers. Which asset valuation method was used?

Your company has developed and implemented countermeasures for the greatest risks to their assets. However there is still some risk left. What is the remaining risk called?

When conducting a risk assessment, how is the Annualized Rate of Occurence(ARO) calculated?

Which of the following statements is true in regards to risk analysis?(Choose two)

You have conducted a risk analysis to protect a key company asset. You identify the following values: Asset Value = 400 Exposure Value = 75 Anualized Rate of Occurence = .25 What is the Single Loss Expectancy(SLE)?

When would choosing to do nothing about an identified risk be acceptable?

Which of the following is NOT a valid response to a risk discovered during a risk analysis?

Which of the following best defines Single Loss Expectancy(SLE)?

Purchasing insurance is what type of response to risk?

What is the average number of times that a specific risk is likely to be realized?