Advanced CISSP Prep Guide: Exam Q&A by Russell Dean Vines, Ronald L. Krutz

APPENDIX A

Answers to Sample Questions

Chapter 1—Security Management Practices

  1. Which choice below most accurately reflects the goals of risk mitigation?
    a. Defining the acceptable level of risk the organization can tolerate, and reducing risk to that level
    b. Analyzing and removing all vulnerabilities and threats to security within the organization
    c. Defining the acceptable level of risk the organization can tolerate, and assigning any costs associated with loss or disruption to a third party, such as an insurance carrier
    d. Analyzing the effects of a business disruption and preparing the company's response

    Answer: a

    The correct answer is a. The goal of risk mitigation is to reduce risk to a level acceptable to the organization. Therefore risk needs to be defined for the organization through risk analysis, business impact assessment, and/or vulnerability assessment.

    Answer b is not possible. Answer c is called risk transference. Answer d is a distracter.

  2. Which answer below is the BEST description of a Single Loss Expectancy (SLE)?
    a. An algorithm that represents the magnitude of a loss to an asset from a threat
    b. An algorithm that expresses the annual frequency with which a threat is expected to occur
    c. An algorithm used to determine the monetary impact of each occurrence of a threat
    d. An algorithm that determines the expected annual loss to an organization from a threat

    Answer: c

    The correct answer is c. The Single Loss Expectancy (or Exposure) figure may be created as a result of a Business ...
