Documente Academic
Documente Profesional
Documente Cultură
Home / Courses / Online / School of Business, Economics and Technology / 2019 / May 04, 2020
/ BA63571G619 / Topic 1 / Chapter 1 Quiz
Question 1
Correct
A(n) ____ is any clearly identified attack on the organization's information assets that would threaten
the assets' confidentiality, integrity, or availability.
Select one:
a. trespass
b. Trojan horse
c. risk
d. incident Correct
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 1/10
5/6/2020 Chapter 1 Quiz
Question 2
Correct
____ ensures that only those with the rights and privileges to access information are able to do so.
Select one:
a. Confidentiality Correct
b. Availability
c. Integrity
d. Risk assessment
Question 3
Correct
____ hack systems to conduct terrorist activities through network or Internet pathways.
Select one:
a. Cyberterrorists Correct
b. Script kiddies
c. Programmers
d. Social engineers
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 2/10
5/6/2020 Chapter 1 Quiz
Question 4
Correct
Information assets have ____ when authorized users - persons or computer systems - are able to
access them in the specified format without interference or obstruction.
Select one:
a. integrity
b. availability Correct
c. confidentiality
d. risk assessment
Question 5
Correct
Information assets have ____ when they are not exposed (while being stored, processed, or
transmitted) to corruption, damage, destruction, or other disruption of their authentic states.
Select one:
a. risk assessment
b. availability
c. integrity Correct
d. confidentiality
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 3/10
5/6/2020 Chapter 1 Quiz
Question 6
Correct
____ is a risk control approach that attempts to shift the risk to other assets, other processes, or other
organizations.
Select one:
a. Transference Correct
b. Mitigation
c. Acceptance
d. Avoidance
Question 7
Correct
____ is the process of examining, documenting, and assessing the security posture of an
organization's information technology and the risks it faces.
Select one:
a. Risk identification Correct
b. Data classification
c. Security clearance
d. DR
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 4/10
5/6/2020 Chapter 1 Quiz
Question 8
Correct
Select one:
a. Security planning
b. Contingency planning
Question 9
Correct
____ is the risk control approach that attempts to reduce the impact caused by the exploitation of
vulnerability through planning and preparation.
Select one:
a. Avoidance
b. Transference
c. Acceptance
d. Mitigation Correct
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 5/10
5/6/2020 Chapter 1 Quiz
Question 10
Correct
____ of risk is the choice to do nothing to protect an information asset and to accept the outcome of
its potential exploitation.
Select one:
a. Inheritance
b. Acceptance Correct
c. Avoidance
d. Mitigation
Question 11
Correct
The term ____ refers to a broad category of electronic and human activities in which an unauthorized
individual gains access to the information an organization is trying to protect.
Select one:
a. theft
b. trespass Correct
c. polymorphism
d. denial-of-service
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 6/10
5/6/2020 Chapter 1 Quiz
Question 12
Correct
Question 13
Correct
For the purpose of making relative risk assessments, we can say that
risk equals the likelihood of a vulnerability occurring times the value
(or impact) of that asset to the organization minus the percentage of risk that is already being
controlled plus an element of uncertainty.
Question 14
Correct
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 7/10
5/6/2020 Chapter 1 Quiz
Question 15
Correct
Question 16
Correct
Question 17
Correct
A Disaster Recovery Plan (DR plan) deals with identifying, classifying, responding to, and recovering
from an incident.
Select one:
True
False
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 8/10
5/6/2020 Chapter 1 Quiz
Question 18
Correct
An asset can be logical, such as a Web site, information, or data; or an asset can be physical, such
as a person, computer system, or other tangible object.
Select one:
True
False
Question 19
Correct
An enterprise information security policy (EISP) addresses specific areas of technology and contains
a statement on the organization's position on each specific area.
Select one:
True
False
Question 20
Correct
Select one:
True
False
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 9/10
5/6/2020 Chapter 1 Quiz
Previous activity
https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 10/10