## Question # 1 ## Which of the following combinations best defines risk in realm of IT security? a. Vulnerability coupled with an attack b. Threat coupled with a breach of security c. Threat coupled

## Question # 2 ## Which is the best approach to determine the value of an intangible asset ? a. Review the depreciation of the intangible asset over the pass three years. b. Use the historical acquis

## Question # 4 ## Qualitative risk assessment is earmarked by which of the following ? a. Can be completed by personnel with a limited understanding of the risk assessment process and uses detailed m

## Question # 3 ## The two most dangerous types of attacks against database containing disparate non-sensitive information are.. a. Aggregation and inference b. Injection and scripting c. Session hija

## Question # 5 ## Consideration for which type of risk assessment to perform includes all of the following a. Culture of the organization, budget, capabilities and resources. b. Culture of the organi

## Question # 6 ## Security awareness training includes. a. The high-level outcome of vulnerability assessments. b. Legislated security compliance objectives c. Security roles and responsibilities for

## Question # 7 ## What is the minimum and customer practic of responsible protection of assets that affects a community or societal norm? a. Due diligence b. Due care c. Risk mitigation d. Asset prot

## Question # 8 ## Availability makes information accessible by protecting from. a. Denial of services, fires, floods, hurricanes, and unauthorized transactions b. Denial of services, fires, floods, h