CIS 502 MENTOR Learn Do Live /cis502mentor.com
determine what additional controls may be needed to protect the
application and its databases. The best approach to performing
this risk assessment is:
7. CIA is known as
8. An organization has a strong, management-driven
model of security-related activities such as policy, risk
management, standards, and processes. This model is better
known as:
9. The impact of a specific threat is defined as:
10. Annualized loss expectancy is defined as:
11. A security manager is performing a quantitative
risk assessment on a particular asset. The security manager
wants to estimate the yearly loss based on a particular threat.
The correct way to calculate this is:
12. An organization wishes to purchase an
application, and is undergoing a formal procurement process to
evaluate and select a product. What documentation should the
organization use to make sure that the application selected has
the appropriate security-related characteristics?
13. An organization suffered a virus outbreak when
malware was downloaded by an employee in a spam message.
This outbreak might not have happened had the organization
followed what security principle: