Chapters 13–14 Quiz-IT-412

Why is continuous monitoring an important activity in risk management?

You are analyzing a risk and have determined that the SLE is $1,200 and the ARO is 3. What is the ALE?

What type of standard states a minimum level of behavior or actions that must be met to comply with a policy?

An organization responds to risk according to its:

All of the following statements are true except:

What is a test for measuring the reliability of a scientific methodology?

________________ state(s) the justification of why the policy exists. This includes the legal or regulatory justification for the policy, which might be drafted in response to information security threats.

What does the best evidence rule require?

What type of risk assessment uses descriptive categories to express asset criticality, risk exposure (likelihood), and risk impact?

Which law requires each federal agency to develop an information security program?

Members of the risk assessment team should include:

What is the name of data that is stored in memory?

Of the following information security assurance documents, which is the most flexible?

What kind of policy would contain a No Retaliation element?

When performing computer forensics, what is a potential source of digital evidence?

What type of risk assessment uses monetary values to assess a risk?

What is a forensic duplicate image?

Which of the following is not a valid court-recognized exception to search warrant requirements?

According to the NIST, the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level is ___________.

Which of the following steps occurs before any of the others in a formal policy development process?