Chapter 19: Summarizing Risk Management Concepts 2023/2024 passed

Chapter 19: Summarizing Risk Management ConceptsThis determines the reliability of each asset. Main KPIs include Mean Time to Failure (MTTF) and Mean Time to Repair (MTT). - correct answer Key Performance Indicators (KPI) General types of risks - correct answer -External -Internal -Multiparty -Intellectual Property (IP) Theft -Software Compliance/Licensing -Legacy Systems Types of disasters - correct answer -Internal- malicious activity -External-wider environmental or social impacts -Person-made - human agency is the primary cause -Environmental- Natural disasters The 5 phases of risk management - correct answer -Identify mission essential functions -Identify vulnerabilities -Identify threats -Analyze business impacts -Identify risk response A company performs risk management. Which action identifies a risk response approach? - correct answer B. A company develops a countermeasure for an identified risk. The fifth phase of risk management is identifying risk response. A countermeasure should be identified for each risk and the cost of deploying additional security controls should be assessed. Select the example that provides an accurate simulation of a company engaging in the identifying threats phase of risk management. - correct answer B. A company conducts research to determine why vulnerabilities may be exploited. The third phase of risk management is identify threats. Threats that may take advantage of, exploit, or accidentally trigger vulnerabilities. Threat refers to the sources or motivations of people and things that could cause loss or damage. Management of a company practices qualitative risk when assessing a move of systems to the cloud. How does the company indicate any identified risk factors? - correct answer C. With a classification system Qualitative risk assessment uses categories or classifications such as Irreplaceable, High Value, Medium Value, and Low Value. Management of a company identifies priorities during a risk management exercise. By doing so, which risk management approach does management use? - correct answer B. Risk posture Risk posture is the overall status of risk management. Risk posture shows which risk response options management can identify and prioritize. Analyze the metrics governing Mission Essential Functions (MEF) and determine which example demonstrates Maximum Tolerable Downtime (MTD). - correct answer C. A business function relies on five hours for restoration; otherwise, there is an irrecoverable business failure. The Maximum Tolerable Downtime (MTD) is the longest period of time a business function outage may occur without causing irrecoverable business failure. A company has thirty servers that run for 125 hours, with three servers that fail. Rounding to the nearest whole number, calculate the Mean Time Between Failures (MTBF) for this scenario. - correct answer D. (30x125)/3 = 1,250