Security and Risk Management: Awareness Program and Risk Assessment
15 Questions
2 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What control can Alyssa put in place to protect against the risk of outdated content in her organization’s security awareness program?

  • Computer-based training
  • Live training
  • Gamification
  • Content reviews (correct)
  • In Gavin's report to management, what term best describes the current level of risk to the organization after adopting security controls?

  • Inherent risk
  • Residual risk (correct)
  • Control risk
  • Mitigated risk
  • Which law governs the actions that Francine must take regarding the copyright claim she received?

  • Lanham Act
  • Gramm Leach Bliley Act
  • Digital Millennium Copyright Act (correct)
  • Copyright Act
  • What law governs the actions that Francine must take regarding the copyright claim she received?

    <p>Digital Millennium Copyright Act</p> Signup and view all the answers

    Which law governs actions related to copyright claims for online service providers?

    <p>Digital Millennium Copyright Act</p> Signup and view all the answers

    What is the term for the level of risk remaining after security controls have been implemented?

    <p>Residual risk</p> Signup and view all the answers

    Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?

    <p>The right to be forgotten</p> Signup and view all the answers

    After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?

    <p>Transfer</p> Signup and view all the answers

    Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?

    <p>Student identification number</p> Signup and view all the answers

    Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?

    <p>Personal liability rule</p> Signup and view all the answers

    Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: 'Advance and protect the profession.' Who may bring ethics charges against Henry for this violation?

    <p>Any certified or licensed professional may bring charges.</p> Signup and view all the answers

    Wanda is working with one of her organization’s European Union business partners to facilitate the exchange of customer information. Wanda’s organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?

    <p>Standard contractual clauses</p> Signup and view all the answers

    Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?

    <p>GLBA</p> Signup and view all the answers

    Tim’s organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to the information systems involved in this contract?

    <p>FISMA</p> Signup and view all the answers

    Chris is advising travelers from his organization who will be visiting many different countries. What is a potential concern that Chris should advise the travelers about regarding cybersecurity?

    <p>Increased risk of identity theft</p> Signup and view all the answers

    More Like This

    Security and Risk Management Fundamentals
    12 questions
    Insider Threat Awareness Flashcards
    12 questions
    Risk Management and Privacy Awareness
    29 questions
    Risk Management and Privacy Awareness Quiz
    20 questions
    Use Quizgecko on...
    Browser
    Browser