Which of the following is the main reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of its business models and processes?

cciso-4

Quiz • Mathematics • 2nd Grade • Medium

dd disuza

10 questions
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Need to comply with breach disclosure laws
Fiduciary responsibility to safeguard credit information
Need to transfer the risk associated with hosting PII data
Need to better understand the risk associated with using PII data
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which is the most important benefit of an effective security governance process?
Senior management participation in the incident response process
Better vendor management
Reduction of security breaches
Reduction of liability and overall risk to the organization
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
What is the main purpose of the Incident Response Team?
Communicate details of information security incidents
Create effective policies detailing program activities
Ensure efficient recovery and reinstate repaired systems
Provide effective employee awareness programs
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
When project costs continually increase throughout implementation due to large or rapid changes in customer or user requirements, this is commonly known as:
Prototype issues
Cost/benefit adjustments
Scope creep
Expectations management
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An organization has decided to address information security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant, but it is expected to grow to a global customer base of many millions of customers in just a few years. The organization has already been subject to a significant amount of credit card fraud. Which of the following is the most likely reason for this fraud?
Ineffective security awareness program
Lack of technical controls when dealing with credit card data
Lack of compliance to the Payment Card Industry (PCI) standards
Security practices not in alignment with ISO 27000 frameworks
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following information would most likely be reported at the board level within an organization?
Significant risks and security incidents that have been discovered since the last assembly of the membership
The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership
System scanning trends and results as they pertain to insider and external threat sources
The capabilities of a security program in terms of staffing support
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?
Service
Program
Cost center
Portfolio