CRISC - Risk Response: Questions With A+ Solutions
Determine risk strategies and evaluate their effectiveness to manage risk to a
level in alignment with business objectives Right Ans - Risk Response
Risk Response Strategies Right Ans - Reduce - Avoidance
Transfer
Acceptance
Risk Reduction Right Ans - Lessen probability or impact of a risk event
Risk Mitigation Right Ans - Risk Reduction
Very Frequent risk response Right Ans - Risk Reduction
Ultimate risk reduction strategy Right Ans - Risk Avoidance
Risk transference Right Ans - Share potential loss, no changes to probability
or impact
Type of Risk Response of Insurances Right Ans - Risk Transference
Other Risk Transference strategies Right Ans - SLAs
Contract Modifications
Risk Acceptance Right Ans - Requires due diligence, when cost of
countermeasure is greater than potential loss.
Separation of Duties
Dual Control
Mandatory Vacations
Job Rotation
Least privilege
Need to know
Strong Configuration Management
Acceptable Use Policies
Data Classification Policy
Data Privacy
Computer ownership
Data ownership Right Ans - Risk Mitigation through Policies
Access Control Right Ans - Data flow between subject and object, regulates
what a subject can do with an object
IAAA of Access Control Right Ans - Identification
Authentication
Authorization
Auditing
Make a claim, public information, must be unique Right Ans - Identification
Provide support of your claim, prove it Right Ans - Authentication
Authorization Right Ans - Rights and Permissions you have
Accountability, matching actions to subjects Right Ans - Auditing
Something I know, I have or I am Right Ans - Authentication
Passwords and Passphrases correspond to Right Ans - Authentication Type
I, Something you know
Token Devices, Keys, cards correspond to Right Ans - Authentication Type
II, Something you have
Biometrics, Static or Dynamic correspond to Right Ans - Authentication
Type III, Something you are
What is safer Right Ans - Multifactor security
Type I error in Biometrics Accuracy Right Ans - False Rejection (FRR)
Type II error in Biometrics Accuracy Right Ans - False Acceptance (FAR)
Crossover Error Rate Right Ans - Level at which FRR meets FAR
Rights and permissions a subject has after authentication Right Ans -
Authorization