12 Questions
What is the primary purpose of configuration control?
To ensure that only approved changes to a baseline are allowed to be implemented
What is an incident in an information system or network?
Any event that results in a different outcome than normal
What is the primary goal of user rights and permissions reviews?
To ensure that the list of users and associated rights is complete and up to date
What is the primary target of most attackers?
Data
What is one of the controls that can be employed to prevent data theft?
Data minimization
What is a common challenge in maintaining user rights and permissions?
Keeping the list of users and associated rights complete and up to date
What is the primary goal of risk mitigation strategies?
To reduce the impact of threats and hazards
Which of the following is NOT a type of risk mitigation strategy?
Quality control
What is the main difference between change management and configuration management?
Change management is applied at a higher level, while configuration management is applied at a lower level
What is the purpose of a Change Control Board?
To approve all production changes
What is configuration control?
The process of controlling changes to items that have been baselined
What is the origin of change management practices?
System engineering and configuration management
This quiz covers the action plans developed to mitigate risks and threats associated with business operations. It includes strategies such as change management, incident management, and audits to reduce the impact of threats and hazards.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free