Understanding Threats and Risks

To protect assets

To increase profits

To expand market share

To enhance customer satisfaction

A circumstance that can negatively impact assets

A type of risk

A security control

A vulnerability

Anything that can impact the confidentiality, integrity, or availability of an asset

A type of threat

A security framework

A vulnerability

A weakness that can be exploited by a threat

A type of risk

A security control

A threat actor

Confidentiality, Integrity, Availability

Control, Integrity, Access

Confidentiality, Information, Access

Control, Information, Availability

Limiting users' access to only the information they need

Allowing all users full access to data

Providing access based on seniority

None of the above

To reduce specific security risks

To increase vulnerabilities

To enhance threats

To ignore risks

A framework developed to provide a common language for describing cyber threat activity

A type of risk management strategy

A vulnerability assessment tool

A security control

Requirements for an information security management system

A list of vulnerabilities

A risk assessment tool

A compliance checklist

Refers to all potential vulnerabilities a threat actor could exploit

Involves increasing the number of entry points

Is irrelevant to security

None of the above