Information Security Governance and Risk Management Practice Test Questions

Information Security Governance and Risk Management

Question 1
What is the Exposure Factor in Risk Management?
Remaining risk after mitigating controls have been applied
Total time required for mitigating a vulnerability
Percent of loss of an asset given a specific threat
Level of risk present in a system
Question 2
Of the following, which would be the most effective way of increasing security awareness?
Deploying additional monitoring devices
Increased funding for security policy development
Incentives for security related accomplishments
Continuous employee internet usage monitoring
Question 3
Which of the following is NOT a Security Posture Assessment Methodology?
FIPS
IAM
Octave
FITSAF
Question 4
Which is not a type of security control?
Corrective
Deterrent
Preventative
Restrictive
Question 5
What does the "C" in the AIC triad stand for?
Correction
Certification
Confidentiality
Caution
Question 6
Who is responsible for communicating with Senior Management about security issues?
Directors
Information Security Officers
System Administrators
Project Managers
Question 7
What type of policy requires responsibilities to be shared between multiple people so that no one malicious person can act alone?
Due Care Policy
Separation of Duties Policy
Acceptable Use Policy
Need-to-Know Policy
Question 8
Which is not a stage of the System Life Cycle?
Development
Disposal
Implementation
Prototyping
Question 9
What does the "A" in the AIC triad stand for?
Authentication
Availability
Authorization
Accountability
Question 10
Which of the following is not an option when managing risk?
Ignore
Mitigate
Accept
Avoid
Question 11
In terms of Qualitative Risk Analysis, how is Exposure determined?
Threat x Risk
Vulnerability x Probability
Probability x Severity
Risk x Potential
Question 12
The responsibilities of an Information Security Officer include all of the following except:
Preparing a budget for Information Security
Creating the overall mission statement
Understanding the threats to the organization
Tracking security related metrics
Question 13
Administrative Assistants and Secretaries are particularly vulnerable to what type of attack?
Email viruses
Social engineering
Password guessing
Blackmail
There are 13 questions to complete.

Comments

  1. Hina Naz says:

    Good one…!!! Need more tests..

  2. Thanks for the comment Hina, I’m working on more tests!

  3. Niel says:

    This is brill for a free site. No enrolment, keep up the work, I wish I had found this a few weeks ago.

    Exam on the 26th (in 3 days)
    Niel
