CSIA 485 Quiz 1A
Controls are implemented to: Question 1 options: Provide Data Change Policies Develop
Processes Mitigate Risks
ChatGPT said:
Mitigate Risks ✅
You said:
Inherent risk is defined as Question 2 options: Risk that is normal for an industry Risk everyone
must assume Risk that cannot be avoided Risk that exists before controls are implemented
ChatGPT said:
Risk that exists before controls are implemented ✅
You said:
The risk treatment option of deliberately operating without applying one of the other treatment
options available is known as Question 3 options: Risk Avoidance or Elimination Risk
Modification or Mitigation Risk Sharing or Transfer Risk Retention or Acceptance
ChatGPT said:
Risk Retention or Acceptance ✅
You said:
These exist to guide the processes of identifying, treating, and monitoring information security
risks in an organization. Question 4 options: Security Operations Centers Security Policies Threat
Intelligence Feeds Risk Management Frameworks
ChatGPT said:
Risk Management Frameworks ✅
You said:
The risk treatment option of reassigning accountability for a risk to another entity or
organization is known as Question 5 options: Risk Sharing or Transfer Risk Retention or
Acceptance Risk Modification or Mitigation Risk Avoidance or Elimination
ChatGPT said:
Risk Sharing or Transfer ✅
You said:
, Compliance is the act of conforming to: Question 6 options: Laws Contracts All stated
requirements Policies
ChatGPT said:
All stated requirements ✅
You said:
is a central repository where risks and risk treatments are stored and regularly
reviewed. Question 7 options: Qualitative Assessment Quantitative Assessment Risk Registry
Risk Treatment Plan
ChatGPT said:
Risk Registry ✅
You said:
How long should a security policy be? Question 8 options: No longer than 10 pages All policies
are 5 pages One page No longer than absolutely necessary
ChatGPT said:
No longer than absolutely necessary ✅
You said:
This is the overall strategy for how your company will implement information security principles
and technologies. Question 9 options: A Framework Security Policies A Process A Procedure
ChatGPT said:
A Framework ✅
You said:
is a set of practices for IT service management that focuses on aligning IT services
with the needs of a business. Question 10 options: FAIR ITIL COSO NIST
ChatGPT said:
ITIL ✅
You said:
Risk managers will need to learn how to balance threats, vulnerabilities and assets to ensure
investments in risk treatments do not: Question 11 options: Exceed the value of the assets
being protected Become obsolete Exceed the budget None of the listed choices are correct.
Controls are implemented to: Question 1 options: Provide Data Change Policies Develop
Processes Mitigate Risks
ChatGPT said:
Mitigate Risks ✅
You said:
Inherent risk is defined as Question 2 options: Risk that is normal for an industry Risk everyone
must assume Risk that cannot be avoided Risk that exists before controls are implemented
ChatGPT said:
Risk that exists before controls are implemented ✅
You said:
The risk treatment option of deliberately operating without applying one of the other treatment
options available is known as Question 3 options: Risk Avoidance or Elimination Risk
Modification or Mitigation Risk Sharing or Transfer Risk Retention or Acceptance
ChatGPT said:
Risk Retention or Acceptance ✅
You said:
These exist to guide the processes of identifying, treating, and monitoring information security
risks in an organization. Question 4 options: Security Operations Centers Security Policies Threat
Intelligence Feeds Risk Management Frameworks
ChatGPT said:
Risk Management Frameworks ✅
You said:
The risk treatment option of reassigning accountability for a risk to another entity or
organization is known as Question 5 options: Risk Sharing or Transfer Risk Retention or
Acceptance Risk Modification or Mitigation Risk Avoidance or Elimination
ChatGPT said:
Risk Sharing or Transfer ✅
You said:
, Compliance is the act of conforming to: Question 6 options: Laws Contracts All stated
requirements Policies
ChatGPT said:
All stated requirements ✅
You said:
is a central repository where risks and risk treatments are stored and regularly
reviewed. Question 7 options: Qualitative Assessment Quantitative Assessment Risk Registry
Risk Treatment Plan
ChatGPT said:
Risk Registry ✅
You said:
How long should a security policy be? Question 8 options: No longer than 10 pages All policies
are 5 pages One page No longer than absolutely necessary
ChatGPT said:
No longer than absolutely necessary ✅
You said:
This is the overall strategy for how your company will implement information security principles
and technologies. Question 9 options: A Framework Security Policies A Process A Procedure
ChatGPT said:
A Framework ✅
You said:
is a set of practices for IT service management that focuses on aligning IT services
with the needs of a business. Question 10 options: FAIR ITIL COSO NIST
ChatGPT said:
ITIL ✅
You said:
Risk managers will need to learn how to balance threats, vulnerabilities and assets to ensure
investments in risk treatments do not: Question 11 options: Exceed the value of the assets
being protected Become obsolete Exceed the budget None of the listed choices are correct.
