CIS 502 MENTOR Extraordinary Life/cis502mentor.com CIS 502 MENTOR Extraordinary Life/cis502mentor.com | Page 9

• 6 A security manager needs to perform a risk assessment on a critical business application, in order to determine what additional controls may be needed to protect the application and its databases. The best approach to performing this risk assessment is:
• 7 CIA is known as:
• 8 An organization has a strong, management-driven model of security related activities such as policy, risk management, standards, and processes. This model is better known as:
• 9 The impact of a specific threat is defined as:
• 10 Annualized loss expectancy is defined as:
• 11 A security manager is performing a quantitative risk assessment on a particular asset. The security manager wants to estimate the yearly loss based on a particular threat. The correct way to calculate this is::
• 12 An organization wishes to purchase an application, and is undergoing a formal procurement process to evaluate and select a product. What documentation should the organization use to make sure that the application selected has the appropriate security-related characteristics?
• 13 An organization suffered a virus outbreak when malware was download by an employee in a spam message.

• 6 A security manager needs to perform a risk assessment on a critical business application, in order to determine what additional controls may be needed to protect the application and its databases. The best approach to performing this risk assessment is:

• 7 CIA is known as:

• 8 An organization has a strong, management-driven model of security related activities such as policy, risk management, standards, and processes. This model is better known as:

• 9 The impact of a specific threat is defined as:

• 10 Annualized loss expectancy is defined as:

• 11 A security manager is performing a quantitative risk assessment on a particular asset. The security manager wants to estimate the yearly loss based on a particular threat. The correct way to calculate this is::

• 12 An organization wishes to purchase an application, and is undergoing a formal procurement process to evaluate and select a product. What documentation should the organization use to make sure that the application selected has the appropriate security-related characteristics?

• 13 An organization suffered a virus outbreak when malware was download by an employee in a spam message.