Information Risk Management (IRM) is the process of a. Reducing risk to an accep

Question

Information Risk Management (IRM) is the process of a. Reducing risk to an acceptable level b. Identifying risk c. Implementing the right mechanisms to maintain acceptable level d. All of the above 2. What is the impact of a vulnerability that has a threat but not an exploit? a. High b. Medium c. None d. Low 3. Which of the following are not adversarial risks? a. Exploit vulnerabilities on internal organizational information systems. b. Exploit multi-tenancy in a cloud environment. c. Mishandling of critical and/or sensitive information by authorized users d. Conduct insider-based social engineering to obtain information. 4. What is the risk with a vulnerability that has an exploit and a threat but a highly effective preventive control a. High b. Low c. Medium d. None 5. If a corrective control is effective, what is the risk to the high value asset? a. None b. The asset may be offline until the actions of the corrective control are completed. c. High d. Medium

Explanation / Answer

1) All of the above (option D)

2) low (option D)

3) Option D

4) Low (Option B)

5)None (Option A)

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

---