RCR 090: CISSP Exam Questions for Risk Analysis – CISSP Training and Study!Apr 15, 2020
Subscribe: iTunes | Goggle Play | Stitcher Radio | RSS
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
Shon will provide CISSP training and study around the tools you need to better understand what you need to know to be better prepared for the CISSP Exam Questions. His knowledge will provide the skills needed to pass the CISSP Exam.
BTW - Get access to all my Free Content and CISSP Training Courses here at: https://shongerber.com/
- CISSP Training Course - https://www.shongerber.com/offers/zYsL6MCB
- CISO Training Course - https://www.shongerber.com/offers/zd2RbL6o
CISSP Exam Questions
Which commercial business/private sector data classification is used to control information about individuals within an organization?
- A) Confidential
- B) Private
- C) Sensitive
- D) Proprietary
The commercial business/private sector data classification of private is used to protect information about individuals.
Which of the following is not an element of the risk analysis process?
- A) Analyzing an environment for risks
- B) Creating a cost/benefit report for safeguards to present to upper management
- C) Selecting appropriate safeguards and implementing them
- D) Evaluating each threat event as to its likelihood of occurring and cost of the resulting damage
Selecting appropriate safeguards and implementing them
Risk analysis includes analyzing an environment for risks, evaluating each threat event as to its likelihood of occurring and the cost of the damage it would cause, assessing the cost of various countermeasures for each risk, and creating a cost/benefit report for safeguards to present to upper management. Selecting safeguards is a task of upper management based on the results of risk analysis. It is a task that falls under risk management, but it is not part of the risk analysis process.
Which of the following is not a defense against collusion?
- A) Separation of duties
- B) Restricted job responsibilities
- C) Group user accounts
- D) Job rotation
Group user accounts
Group user accounts allow for multiple people to log in under a single user account. This allows collusion because it prevents individual accountability.
Want to find Shon elsewhere on the internet?
LinkedIn – www.linkedin.com/in/shongerber
Facebook - https://www.facebook.com/CyberRiskReduced/
- ISC2 Training Study Guide
Stay connected with news and updates!
Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.
We hate SPAM. We will never sell your information, for any reason.