FEDVTE CYBER RISK MANAGEMENT
FOR MANAGERS EXAM 2025
QUESTIONS AND ANSWERS
Which step of a risk assessment uses the history of system attacks?
A. Step 2: Threat Identification
B. Step 3: Vulnerability Identification
C. Step 4: Control Analysis
D. Step 5: Likelihood Determination - ....ANSWER ...-A. Step 2: Threat
Identification
In which one of the following is modifying important or sensitive information
categorized?
A. Confidentiality
B. Availability
...©️ 2025, ALL RIGHTS RESERVED 1
,C. Integrity
D. All of the above - ....ANSWER ...-C. Integrity
Of the risk mitigation steps, in which step does management determine the most cost-
effective control(s) for reducing risk to the organization's mission?
A. Step 3: Conduct Cost-Benefit Analysis
B. Step 4: Select Controls
C. Step 5: Assign Responsibility
D. Step 6: Develop a Safeguard Implementation Plan - ....ANSWER ...-B. Step 4:
Select Controls
Which of the following is the set of security controls for an information system that is
primarily implemented and executed by people?
A. Operational Controls
B. Management Controls
C. Technical Controls
D. All of the above - ....ANSWER ...-A. Operational Controls
Software as a Service is one class of Cloud Computing.
A. True
...©️ 2025, ALL RIGHTS RESERVED 2
, B. False - ....ANSWER ...-A. True
If the availability of a service was critical to your organization, what would you say the
impact would be if the service was irrevocably destroyed?
A. High
B. Medium
C. Low
D. None of the above - ....ANSWER ...-A. High
Low humidity within a server room could result in a static electricity build-up/discharge.
A. True
B. False - ....ANSWER ...-A. True
Which of the following is the ability to hide messages in existing data?
A. Cryptography
B. Scareware
C. Steganography
D. Whaling - ....ANSWER ...-C. Steganography
Which of the following firewall implementations is a combination of a packet filter with
bastion host?
...©️ 2025, ALL RIGHTS RESERVED 3
FOR MANAGERS EXAM 2025
QUESTIONS AND ANSWERS
Which step of a risk assessment uses the history of system attacks?
A. Step 2: Threat Identification
B. Step 3: Vulnerability Identification
C. Step 4: Control Analysis
D. Step 5: Likelihood Determination - ....ANSWER ...-A. Step 2: Threat
Identification
In which one of the following is modifying important or sensitive information
categorized?
A. Confidentiality
B. Availability
...©️ 2025, ALL RIGHTS RESERVED 1
,C. Integrity
D. All of the above - ....ANSWER ...-C. Integrity
Of the risk mitigation steps, in which step does management determine the most cost-
effective control(s) for reducing risk to the organization's mission?
A. Step 3: Conduct Cost-Benefit Analysis
B. Step 4: Select Controls
C. Step 5: Assign Responsibility
D. Step 6: Develop a Safeguard Implementation Plan - ....ANSWER ...-B. Step 4:
Select Controls
Which of the following is the set of security controls for an information system that is
primarily implemented and executed by people?
A. Operational Controls
B. Management Controls
C. Technical Controls
D. All of the above - ....ANSWER ...-A. Operational Controls
Software as a Service is one class of Cloud Computing.
A. True
...©️ 2025, ALL RIGHTS RESERVED 2
, B. False - ....ANSWER ...-A. True
If the availability of a service was critical to your organization, what would you say the
impact would be if the service was irrevocably destroyed?
A. High
B. Medium
C. Low
D. None of the above - ....ANSWER ...-A. High
Low humidity within a server room could result in a static electricity build-up/discharge.
A. True
B. False - ....ANSWER ...-A. True
Which of the following is the ability to hide messages in existing data?
A. Cryptography
B. Scareware
C. Steganography
D. Whaling - ....ANSWER ...-C. Steganography
Which of the following firewall implementations is a combination of a packet filter with
bastion host?
...©️ 2025, ALL RIGHTS RESERVED 3