SEC 320 Week 4 Quiz
SCE 320 Week 4 Quiz
1. (TCO 1) The common categories of risk include
2. (TCO 2) The analyst should develop information for which of the following?
3. (TCO 1) Which of the following risks are generally considered?
4. (TCO 3) When valuing assets, they should be broken down into these three categories:
5. (TCO 1) Probability is defined as
6. (TCO 2) In operational risk management, an example of a process can include
7. (TCO 2) How does the Vulnerability Self-Assessment Tool (VSAT) define vulnerability?
8. (TCO 1) Differentiate the best way to handle the following risks: high severity, high frequency; high severity, low frequency; medium severity, and a risk with a probability range of 4-6; low severity, high frequency; low severity, low frequency.
9. (TCO 3) When deciding to insure assets, risks must substantially meet certain requirements in order to be insurable. Name four requirements.
10. (TCO 2) Given an organization's need to secure its assets and protect its personnel, for what purpose would it create a security survey?
11. (TCO 1) The principles of probability are very important to understand when determining risk. With respect to the primary principles, choose three and explain how each helps to reduce risk.
12. (TCO 2) Security surveys are extremely important to overall organizational security programs. Just as important is the ability to market one's security program to organizational leadership so that adequate funding will be allocated to the program. Please discuss four techniques that one can use and explain why you chose them.
13. (TCO 3) If a security program does not exist, what are the three most important aspects of a design that the systems engineer can use when developing the program and why are these the most important?