1.
To reduce the risk introduced when conducting penetration tests, the BEST mitigating control would be to:
2.
From a risk management perspective, the PRIMARY objective of using maturity models is to enable:
3.
A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security. Which of the following observations would be MOST relevant to escalate to senior management?
4.
Which of the following would be MOST useful when measuring the progress of a risk response action plan?
5.
Which of the following is MOST important to communicate to senior management during the initial implementation of a risk management program?
6.
Which of the following is the BEST evidence that a user account has been properly authorized?
7.
Which of the following is the BEST approach to use when creating a comprehensive set of IT risk scenarios?
8.
An effective control environment is BEST indicated by controls that:
9.
Which of the following attributes of a key risk indicator (KRI) is MOST important?
10.
Which of the following statements BEST describes risk appetite?