FedVTE Cyber Risk Management for
Managers 2025/2026 Exam Questions
Marking Scheme New Update | A+ Rated
Which step of a risk assessment uses the history of system attacks?
A. Step 2: Threat Identification
B. Step 3: Vulnerability Identification
C. Step 4: Control Analysis
D. Step 5: Likelihood Determination - 🧠 ANSWER ✔✔A. Step 2: Threat
Identification
In which one of the following is modifying important or sensitive information
categorized?
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
1
,A. Confidentiality
B. Availability
C. Integrity
D. All of the above - 🧠 ANSWER ✔✔C. Integrity
Of the risk mitigation steps, in which step does management determine the
most cost-effective control(s) for reducing risk to the organization's
mission?
A. Step 3: Conduct Cost-Benefit Analysis
B. Step 4: Select Controls
C. Step 5: Assign Responsibility
D. Step 6: Develop a Safeguard Implementation Plan - 🧠 ANSWER ✔✔B.
Step 4: Select Controls
Which of the following is the set of security controls for an information
system that is primarily implemented and executed by people?
A. Operational Controls
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
2
, B. Management Controls
C. Technical Controls
D. All of the above - 🧠 ANSWER ✔✔A. Operational Controls
Software as a Service is one class of Cloud Computing.
A. True
B. False - 🧠 ANSWER ✔✔A. True
If the availability of a service was critical to your organization, what would
you say the impact would be if the service was irrevocably destroyed?
A. High
B. Medium
C. Low
D. None of the above - 🧠 ANSWER ✔✔A. High
Low humidity within a server room could result in a static electricity build-
up/discharge.
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
3
Managers 2025/2026 Exam Questions
Marking Scheme New Update | A+ Rated
Which step of a risk assessment uses the history of system attacks?
A. Step 2: Threat Identification
B. Step 3: Vulnerability Identification
C. Step 4: Control Analysis
D. Step 5: Likelihood Determination - 🧠 ANSWER ✔✔A. Step 2: Threat
Identification
In which one of the following is modifying important or sensitive information
categorized?
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
1
,A. Confidentiality
B. Availability
C. Integrity
D. All of the above - 🧠 ANSWER ✔✔C. Integrity
Of the risk mitigation steps, in which step does management determine the
most cost-effective control(s) for reducing risk to the organization's
mission?
A. Step 3: Conduct Cost-Benefit Analysis
B. Step 4: Select Controls
C. Step 5: Assign Responsibility
D. Step 6: Develop a Safeguard Implementation Plan - 🧠 ANSWER ✔✔B.
Step 4: Select Controls
Which of the following is the set of security controls for an information
system that is primarily implemented and executed by people?
A. Operational Controls
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
2
, B. Management Controls
C. Technical Controls
D. All of the above - 🧠 ANSWER ✔✔A. Operational Controls
Software as a Service is one class of Cloud Computing.
A. True
B. False - 🧠 ANSWER ✔✔A. True
If the availability of a service was critical to your organization, what would
you say the impact would be if the service was irrevocably destroyed?
A. High
B. Medium
C. Low
D. None of the above - 🧠 ANSWER ✔✔A. High
Low humidity within a server room could result in a static electricity build-
up/discharge.
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
3
