3. The bottom-up approach to an IT examination first considers the IT risks and then assesses the potential business impact. a) True b) False
Added by Robert T.
Step 1
This approach typically starts by identifying and analyzing specific IT risks, such as vulnerabilities or threats within the IT infrastructure. Show more…
Show all steps
Your feedback will help us improve your experience
Jerelyn Nevil and 100 other AP CS educators are ready to help you.
Ask a new question
Labs
Want to see this concept in action?
Explore this concept interactively to see how it behaves as you change inputs.
Key Concepts
Recommended Videos
It is generally unwise for an organization with high business risk to take on too much financial risk. Select one: a. True b. False
Jerelyn N.
1. Agile Threat Modeling demands that you make sure your threat model fully depicts every single possible threat. • A. True • B. False 2. What type of regulation is this? Software platforms and applications within the organization are inventoried. • A. Rules-Based • B. Outcome-Based 3. Security Checklists like the DISA STIGs and CIS help: ☐ A. Prevent the recurrence of commonly missed security issues ☐ B. Identify advanced persistent threats. ☐ C. Address threats not previously discovered. ☐ D. Avoid a narrow set of modeled threats. 4.. The user name and password for the database connection is embedded in clear text in the source code. Which threat(s) exists in this situation. ☐ A. Elevation of Privilege ☐ B. Information Disclosure ☐ C. Spoofing ☐ D. Tampering 5. Preventive controls are designed to warn the potential attacker away from attacking. • True • False 6. Select the attack surfaces that are relevant to assessing threats to your systems: ☐ A. Every possible way that data and commands are processed by your system. ☐ B. News media ☐ C. Every network endpoint on the network. ☐ D. People that designed, built, operate and support the system. 7. The developers of your new healthcare medical records up spun up the development infrastructure (web server, etc.) in Amazon Web Services. They ran penetration tests against the web application. No other security review of AWS infrastructure is necessary. • A. True • B. False 8. If a software vulnerability cannot be patched, one way to mitigate the risk is to harden the systems using a secure configuration standard or checklist. • A. True • B. False
Akash M.
Organizations that finance most of their assets with debt have relatively high business risk. Select one: a. True b. False
Jennifer S.
Recommended Textbooks
Computer Science and Information Technology
Introduction to Programming Using Python
Computer Science - An Overview
Transcript
18,000,000+
Students on Numerade
Trusted by students at 8,000+ universities
Watch the video solution with this free unlock.
EMAIL
PASSWORD