MSIS 4123 Quiz #2
Which of the following activities B, C, D
is/are involved in security planning?
* Select all that apply.
A: Recover the business functions
B: Determine the controls to
implement
C: Assess the current state
D: Develop a timetable
_______________ is a way to assess C: Risk Management Framework
cybersecurity risks when developing
large-scale computer systems.
A: Information Security Insurance
B: Business Continuity Planning
C: Risk Management Framework
D: Digital Forensics
, MSIS 4123 Quiz #2
Which of the following statement ...
is/are correct about internal support
systems in the context of physical
security?
* Select all that apply.
A: Internal support systems refer to
the resources within a facility that are
necessary for the information
systems to function properly.
B: Internal support systems include
power control systems such as
electric wiring, circuit breakers,
backup batteries, etc.
C: Internal support systems include
environmental control systems such
as HVAC, dehumidifier, etc.
D: Internal support systems include
fire control systems such as smoke
detectors and fire suppressors.
, MSIS 4123 Quiz #2
Which of the following statements B, C
about risk analysis is/are correct?
* Select all that apply.
A: You need to establish 1-to-1
mappings between the risks and
controls.
B: A risk matrix show if an asset is
subject to certain types of attacks.
C: An attack matrix identifies
potential attacks that can be
launched by various threat agents
along the major attack types.
D: An infosec control's return of
investment (ROI) is the product of
single loss expectancy (SLE) and
annual rate of occurrence (ARO).
Which of the following activities B, C, D
is/are involved in security planning?
* Select all that apply.
A: Recover the business functions
B: Determine the controls to
implement
C: Assess the current state
D: Develop a timetable
_______________ is a way to assess C: Risk Management Framework
cybersecurity risks when developing
large-scale computer systems.
A: Information Security Insurance
B: Business Continuity Planning
C: Risk Management Framework
D: Digital Forensics
, MSIS 4123 Quiz #2
Which of the following statement ...
is/are correct about internal support
systems in the context of physical
security?
* Select all that apply.
A: Internal support systems refer to
the resources within a facility that are
necessary for the information
systems to function properly.
B: Internal support systems include
power control systems such as
electric wiring, circuit breakers,
backup batteries, etc.
C: Internal support systems include
environmental control systems such
as HVAC, dehumidifier, etc.
D: Internal support systems include
fire control systems such as smoke
detectors and fire suppressors.
, MSIS 4123 Quiz #2
Which of the following statements B, C
about risk analysis is/are correct?
* Select all that apply.
A: You need to establish 1-to-1
mappings between the risks and
controls.
B: A risk matrix show if an asset is
subject to certain types of attacks.
C: An attack matrix identifies
potential attacks that can be
launched by various threat agents
along the major attack types.
D: An infosec control's return of
investment (ROI) is the product of
single loss expectancy (SLE) and
annual rate of occurrence (ARO).
