11. What term describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans?

  • Mitigation
  • Daily defense
  • Recovery
  • Business continuity

12. What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?

  • Shared responsibility
  • Remote services
  • Secure coding
  • Employee retention

13. A security analyst researches ways to improve access and authorization at their business. Their primary goal is to keep data secure. Which security domain does this scenario describe?

  • Security assessment and testing
  • Communication and network security
  • Asset security
  • Identity and access management

14. What are the key areas of focus in the security assessment and testing domain? Select three answers.

  • Collect and analyze data
  • Perform security audits
  • Conduct security control testing
  • Use secure coding practices

15. Fill in the blank: The software development _____ process may involve penetration testing during the deployment and implementation phase of developing software products.

  • positioning
  • access
  • operational
  • lifecycle

16. Which of the following statements accurately describe risk? Select all that apply.

  • Another way to think of risk is the likelihood of a threat occurring.
  • A high-risk asset is any information protected by regulations or laws.
  • If compromised, a medium-risk asset may cause some damage to an organization’s ongoing operations.
  • If compromised, a low-risk asset would have a severe negative impact on an organization’s ongoing reputation.

17. A business experiences an attack. As a result, sensitive personally identifiable information (SPII) is leaked through the dark web. What type of consequence does this scenario describe?

  • Financial gain
  • Identity theft
  • Reputation
  • Customer

18. In the Risk Management Framework (RMF), which step involves knowing how current systems are operating and if they support security goals?

  • Monitor
  • Assess
  • Authorize
  • Categorize

Shuffle Q/A 2

19. Fill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.

  • change
  • tasks
  • sustainability
  • competition

20. How does business continuity enable an organization to maintain everyday productivity?

  • By ensuring return on investment
  • By exploiting vulnerabilities
  • By outlining faults to business policies
  • By establishing risk disaster recovery plans

Leave a Reply