11. What term describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans?
- Mitigation
- Daily defense
- Recovery
- Business continuity
12. What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?
- Shared responsibility
- Remote services
- Secure coding
- Employee retention
13. A security analyst researches ways to improve access and authorization at their business. Their primary goal is to keep data secure. Which security domain does this scenario describe?
- Security assessment and testing
- Communication and network security
- Asset security
- Identity and access management
14. What are the key areas of focus in the security assessment and testing domain? Select three answers.
- Collect and analyze data
- Perform security audits
- Conduct security control testing
- Use secure coding practices
15. Fill in the blank: The software development _____ process may involve penetration testing during the deployment and implementation phase of developing software products.
- positioning
- access
- operational
- lifecycle
16. Which of the following statements accurately describe risk? Select all that apply.
- Another way to think of risk is the likelihood of a threat occurring.
- A high-risk asset is any information protected by regulations or laws.
- If compromised, a medium-risk asset may cause some damage to an organization’s ongoing operations.
- If compromised, a low-risk asset would have a severe negative impact on an organization’s ongoing reputation.
17. A business experiences an attack. As a result, sensitive personally identifiable information (SPII) is leaked through the dark web. What type of consequence does this scenario describe?
- Financial gain
- Identity theft
- Reputation
- Customer
18. In the Risk Management Framework (RMF), which step involves knowing how current systems are operating and if they support security goals?
- Monitor
- Assess
- Authorize
- Categorize
Shuffle Q/A 2
19. Fill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.
- change
- tasks
- sustainability
- competition
20. How does business continuity enable an organization to maintain everyday productivity?
- By ensuring return on investment
- By exploiting vulnerabilities
- By outlining faults to business policies
- By establishing risk disaster recovery plans