SANS Security's Foundation Exam
Questions & Answers 100% Correct!!
The elements of the CIA are - ANSWERSConfidentiality, Integrity, Availability
Which role always has ultimate responsibility for security in an organization? -
ANSWERSSenior Manager
What is the goal of most Cyber Threats today? - ANSWERSMake money for the
attacker
What is the name of the role with primary responsibility for data? - ANSWERSData
Owner
What role is responsible for implementing controls on data? - ANSWERSData
Custodian
The term due care means that senior management has a legal responsibility to -
ANSWERSAct as a reasonable person would act in protecting assets
Who in the organization determines if risk is acceptable? - ANSWERSChief Executive
Officer (CEO)
The term Exposure Factor means - ANSWERSThe percentage of asset value loss
The term Single Loss Expectancy means - ANSWERSWhat is costs each time a threat
materializes
The formula to arrive at Annual Loss Expectancy is - ANSWERSAnnual Rate of
Occurance * Single Loss Expectancy
The formula to arrive at Single Loss Expectancy is - ANSWERSAsset Value * Exposure
Factor
Which approach to Risk Assessment is based on money? - ANSWERSQuantitative
Which approach to Risk Assessment is based on severity and likelihood? -
ANSWERSQualitative
Of the three control areas, which deals with authentication? - ANSWERSTechnical
Controls
Of the three control types, which deals with authentication? - ANSWERSPreventive
Questions & Answers 100% Correct!!
The elements of the CIA are - ANSWERSConfidentiality, Integrity, Availability
Which role always has ultimate responsibility for security in an organization? -
ANSWERSSenior Manager
What is the goal of most Cyber Threats today? - ANSWERSMake money for the
attacker
What is the name of the role with primary responsibility for data? - ANSWERSData
Owner
What role is responsible for implementing controls on data? - ANSWERSData
Custodian
The term due care means that senior management has a legal responsibility to -
ANSWERSAct as a reasonable person would act in protecting assets
Who in the organization determines if risk is acceptable? - ANSWERSChief Executive
Officer (CEO)
The term Exposure Factor means - ANSWERSThe percentage of asset value loss
The term Single Loss Expectancy means - ANSWERSWhat is costs each time a threat
materializes
The formula to arrive at Annual Loss Expectancy is - ANSWERSAnnual Rate of
Occurance * Single Loss Expectancy
The formula to arrive at Single Loss Expectancy is - ANSWERSAsset Value * Exposure
Factor
Which approach to Risk Assessment is based on money? - ANSWERSQuantitative
Which approach to Risk Assessment is based on severity and likelihood? -
ANSWERSQualitative
Of the three control areas, which deals with authentication? - ANSWERSTechnical
Controls
Of the three control types, which deals with authentication? - ANSWERSPreventive
