Cybersecurity Foundations for Risk Management Coursera Quiz Answers

In order to manage the cybersecurity function business, you must first understand its language and its environment. This course covers the foundations of cybersecurity, including threats and vulnerabilities as well as the tools, technologies, and strategies used to manage it.

After completing this course, a learner will be able to:

● Define key concepts and terminology in Cybersecurity

● Identify threats to cybersecurity

● Identify strategies to identify and remediate vulnerabilities in information assets

● Identify the systemic components (including personnel) necessary for an effective cybersecurity program

Week 2: An Introduction to Cybersecurity (Module 1.1)

Quiz 1: The Definition of Cybersecurity (Lesson Quiz 1.1.1)

Q1. Which of the following is not a term that is part of the history of cybersecurity?

  • IT security
  • information security
  • computer security
  • cyberdefense

Q2. Which of these is the best definition of cybersecurity?

  • The protection of computer systems through the application of good security practices.
  • The application of improved security practices to protect information on cyber-related systems.
  • The protection of information when it is used on a computer system or cybernetic network through the application of good security practices.
  • The protection of information in all of its forms, wherever it may exist, through the application of good security practices.

Q3. Which of these is not one of the identified good security practices?

  • cybersecurity technology
  • cybersecurity policy
  • cybersecurity programming
  • cybersecurity training and awareness

Quiz 2: Key Concepts in Cybersecurity – Part 1 (Quiz 1.1.2)

Q1. The three core characteristics of information are what give it value. Which of these is not one of those characteristics?

  • authenticity
  • integrity
  • availability
  • confidentiality

Q2. In the context of cybersecurity, _____ is the right of the individual or group to protect themselves and their information from unauthorized access.

  • privacy
  • aggregation
  • utility
  • possession

Q3. A threat to privacy is information ______, where adversaries assemble a portfolio of information from a number of different sources to create a more complete picture of an individual.

  • privacy
  • aggregation
  • utility
  • possession

Quiz 3: Key Concepts in Cybersecurity – Part 2 (Quiz 1.1.3)

Q1. _____ are those information-based items of value to the organization.

  • information assets
  • database
  • loss
  • threats

Q2. _____ are events or circumstances that have the potential to adversely affect operations and assets.

  • information assets
  • database
  • loss
  • threats

Q3. A technique used to compromise a system is known as a(n) ____.

Answer: Exploit

Quiz 4: Quiz for the Introduction to Cybersecurity Module 1.1

Q1. _____ are events or circumstances that have the potential to adversely affect operations and assets.

  • information assets
  • database
  • loss
  • threats

Q2. A person who accesses systems and information without authorization and often illegally is called a(n) _____.

  • hacker
  • penetration tester
  • threat analyst
  • whizbanger

Q3. Which of these is the best definition of cybersecurity?

  • The protection of information in all of its forms, wherever it may exist, through the application of good security practices.
  • The protection of information in all of its forms, wherever it may exist, through the application of good security practices
  • The protection of information when it is used on a computer system or cybernetic network through the application of good security practices.
  • The application of improved security practices to protect information on cyber-related systems.

Q4. Which of these is not one of the identified good security practices?

  • cybersecurity programming
  • cybersecurity policy
  • cybersecurity training and awareness
  • cybersecurity technology

Q5. The three core characteristics of information are what give it value. Which of these is not one of those characteristics?

  • authenticity
  • integrity
  • availability
  • confidentiality

Q6. In the context of cybersecurity, _____ is the right of the individual or group to protect themselves and their information from unauthorized access.

  • privacy
  • aggregation
  • utility
  • possession

Q7. A threat to privacy is information ______, where adversaries assemble a portfolio of information from a number of different sources to create a more complete picture of an individual.

  • privacy
  • aggregation
  • utility
  • possession

Q8. _____ are those information-based items of value to the organization.

  • information assets
  • database
  • loss
  • threats

Q9. _____ is an instance of an information asset suffering damage or destruction, unintended or unauthorized modification or disclosure, or denial of use.

  • information assets
  • database
  • loss
  • threats

Q10. Potential weaknesses in an asset or its defensive control systems are known as _____.

Answer: 

Week 3: Threats to Cybersecurity (Module 1.2)

Quiz 1: Compromises to IP, Deviations in QoS, & Espionage or Trespass (Quiz 1.2.1)

Q1. Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) ______.

  • threat
  • spike
  • fault
  • patent

Q2. The creation, ownership, and control of original ideas as well as the representation of those ideas is known as _____.

  • intellectual property
  • information extortion
  • property rights
  • right to privacy

Q3. When power is interrupted for a long term (called an outage) it is called a _____.

  • blackout
  • brownout
  • surge
  • sag

Quiz 2: Forces of Nature, Human Error or Failure & Information Extortion (Quiz 1.2.2)

Q1. Forces of _____, also known as force majeure or acts of God, include natural disasters, fires, floods, earthquakes, and lightning strikes.

Answer: 

Q2. When an employee or other stakeholder of an organization makes a mistake, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • human nature

Q3. If someone tricks a user into sharing their credentials by pretending to be someone that the user would trust, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • privilege escalation

Quiz 3: Sabotage or vandalism, Software attacks & Technical hardware failures (Quiz 1.2.3)

Q1. The threat category known as _____ includes malware such as viruses, worms, macros, as well as denial of service attacks and script injections.

  • software attacks
  • sabotage
  • vandalism
  • information extortion

Q2. _____ software looks like legitimate software but is either malware in disguise or legitimate software embedded with malware

  • loanware
  • trojan horse
  • open source
  • greenware

Q3. An attack that attempts to overwhelm a computer target’s ability to handle incoming communications is known as _____.

  • denial of service
  • a virus
  • a worm
  • spam

Quiz 4: Technical Hardware Failure, Technical Software Failure, Technological Obsolescence, and Theft (Quiz 1.2.4)

Q1. The category of threat that represents a situation where, for some reason, our technology equipment fails is known as _____.

  • technical hardware failure
  • mean time until failure
  • network unit failure
  • technical software failure

Q2. The category of threat that represents a situation where, for some reason, our programming or operating systems fail is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

Q3. The category of threat that represents a situation where we must rely on technology that cannot be easily replaced is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

Quiz 5: Threats to Cybersecurity – Module 1.2 Quiz

Q1. Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) ______.

  • threat
  • spike
  • fault
  • patent

Q2. The creation, ownership, and control of original ideas as well as the representation of those ideas is known as _____.

  • intellectual property
  • information extortion
  • property rights
  • right to privacy

Q3. The threat category known as Deviations in Quality of Service is usually seen as _____ from a service provider.

  • an interruption of service
  • the disconnection for non-payment
  • normal delivery of service
  • the resumption of service

Q4. If someone tricks a user into sharing their credentials by pretending to be someone that the user would trust, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • privilege escalation

Q5. The category of threat that represents a situation where we must rely on technology that cannot be easily replaced is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

Week 4: Cybersecurity Management (Module 1.3)

Quiz 1: Introduction to the Management of Cybersecurity – Lesson Quiz

Q1. In a manager’s decisional role they _____.

  • collect, process, and use information in order to complete cybersecurity objectives
  • interact with their bosses, employees, co-workers, other organizational stakeholders, and basically anyone involved with or affected by the cybersecurity function
  • make choices by selecting from among alternatives and they resolve conflicts, dilemmas, or challenges related to cybersecurity
  • unilaterally direct all employee computer uses in the organization

Q2. Management and leadership are interchangeable and have the same necessary skills.

  • True
  • False

Q3. Controlling is _____.

  • the activity that focuses on the structuring of resources
  • the administration of employees, making sure you have the right number of people, as well as the right skills within your staff to do the work
  • communicating your plans to your employees, and making sure they are working to help achieve the department’s goals
  • making sure that the department and its employees are making progress towards the objectives that you specified during planning and making sure any problems that come up are solved

Quiz 2: Cybersecurity Roles and Responsibilities – Lesson 1.3.2 Quiz

Q1. Cybersecurity professionals have to have _____.

  • technical skills
  • an ability to discuss cybersecurity with non-technical managers
  • an ability to gather requirements from non-technical managers
  • all of these are required

Q2. The _____ develops the strategic plans for the cybersecurity function.

  • CIO
  • CFO
  • CISO
  • CEO

Q3. The job with the title of _____ is frequently called on to manage the day-to-day operations of security technology as well as to assist in training programs, developing policies.

  • CISO
  • cybersecurity manager
  • security technician
  • security administrator

Quiz 3: Cybersecurity Governance – Lesson Quiz

Q1. The responsibility for the entire cybersecurity program should rest solely on the CISO or VP for Cybersecurity.

  • True
  • False

Q2. In recent years, there is a strong trend to make cybersecurity the responsibility of _____.

  • the highest ranking computer manager
  • a middle-level manager
  • the highest ranking security executive
  • the upper levels of management to include the boards of directors

Q3. _____ is an approach to cybersecurity management requiring direct oversight by the board of directors or senior management.

  • Governance, risk management, and compliance (GRC)
  • People, plans, and practices (PPP)
  • Information technology governance inference (ITGI)
  • Computing governance technical framework (CGTF)

Quiz 4: Planning for Cybersecurity (Lesson Quiz 1.3.4)

Q1. What is a system development lifecycle or SDLC approach?

  • An approach to plan the hiring of a new systems manager.
  • A way to develop a new personnel evaluation approach.
  • A framework used to hire a design consultant.
  • A methodology for the design and implementation of a system or program.

Q2. The _____ phase of the SecSDLC begins with instructions from upper management specifying the process, outcomes, and goals of the project as well as its budget and other constraints.

  • analysis
  • implementation
  • design
  • investigation

Q3. The _____ phase of the SecSDLC is where the components of the recommended program are acquired, tested, implemented, and retested.

  • analysis
  • implementation
  • design
  • investigation

Quiz 5: Planning for Cybersecurity Contingencies (Lesson Quiz 1.3.5)

Q1. What are ‘non-normal’ operations?

  • What our organization does when the unexpected happens
  • What our organization does when customers are unhappy
  • What our organization does in routine operations
  • What our organization does when there are no tasks to be done immediately

Q2. Contingency planning is accomplished with all of the following except _____.

  • good luck
  • technical measures
  • plans
  • procedures

Q3. Crisis management planning is focused on the _____.

  • recovery of business data
  • people aspects of incidents or disasters
  • resumption of IT services
  • resumption of customer revenue

Quiz 6: Cybersecurity Management (Module Quiz 1.3)

Q1. In a manager’s interpersonal role they _____.

  • collect, process, and use information in order to complete cybersecurity objectives
  • interact with their bosses, employees, co-workers, other organizational stakeholders, and basically anyone involved with or affected by the cybersecurity function
  • make choices by selecting from among alternatives and they resolve conflicts, dilemmas, or challenges related to cybersecurity
  • unilaterally direct all employee computer uses in the organization

Q2. Organizing is _____.

  • the activity that focuses on the structuring of resources
  • the administration of employees, making sure you have the right number of people, as well as the right skills within your staff to do the work
  • communicating your plans to your employees, and making sure they are working to help achieve the department’s goals
  • making sure that the department and its employees are making progress towards the objectives that you specified during planning and making sure any problems that come up are solved

Q3. Which of these is not one of the three general categories of Cybersecurity policy?

  • Network Usage Policies (NUPs)
  • Enterprise policy (EISP or ECSP)
  • Issue-Specific Security Policies (ISSPs)
  • System-Specific Policies (SysSPs)

Q4. The _____ develops the strategic plans for the cybersecurity function.

  • CIO
  • CFO
  • CISO
  • CEO

Q5. _____ is an approach to cybersecurity management requiring direct oversight by the board of directors or senior management.

  • Governance, risk management, and compliance (GRC)
  • People, plans, and practices (PPP)
  • Information technology governance inference (ITGI)
  • Computing governance technical framework (CGTF)

Q6. What is a system development lifecycle or SDLC approach?

  • An approach to plan the hiring of a new systems manager.
  • A way to develop a new personnel evaluation approach.
  • A framework used to hire a design consultant.
  • A methodology for the design and implementation of a system or program.

Q7. The _____ phase of the SecSDLC is where the components of the recommended program are acquired, tested, implemented, and retested.

  • analysis
  • implementation
  • design
  • investigation

Q8. The BIA is also known as the _____.

  • Business Impact Assay
  • Business Impact Analysis
  • Business Influence Assessment
  • Business Integration Analysis

Q9. A(n) _____ is an adverse event that could result in the loss, damage, destruction, or disclosure of an information asset.

  • outcome
  • disaster
  • incident
  • escalation

Q10. Crisis management planning is focused on the _____.

  • recovery of business data
  • people aspects of incidents or disasters
  • resumption of IT services
  • resumption of customer revenue

Week 5: Understanding Cybersecurity Risk and Risk Management (Module 1.4)

Quiz 1: Understanding Cybersecurity Risk

Q1. In cybersecurity, risk is focused on the loss of confidentiality, integrity, and availability of information assets.

  • True
  • False

Q2. The probability that a specific vulnerability within an organization will be attacked by a threat is called _____.

  • Likelihood
  • Impact
  • Residual
  • Resilience

Q3. The consequence of a loss from the outcome of a successful attack on an information asset, also called the “magnitude of harm,” is known as the _____.

  • likelihood
  • impact
  • result
  • influence

Quiz 2: Understanding Risk Management (Lesson Quiz 1.4.2)

Q1. _____ can be defined as the quantity and nature of risk that the organization is willing to accept as it evaluates the trade-offs between security and accessibility.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q2. _____ can be defined as the risk you have left after you’re done reducing risk to an acceptable level.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q3. In the risk management methodology, finding where and what is the risk is known as _____.

  • risk identification
  • risk isolation
  • risk treatment
  • risk evaluation

Quiz 3: Risk Management Team Roles and Responsibilities (Lesson Quiz 1.4.3)

Q1. The _____ is a high-level executive who can ensure that all subordinate managers will support the effort, without territory disputes, in-fighting, and other political games that can jeopardize the program.

  • project manager
  • assessment specialist
  • champion

Q2. The team that will perform the risk management assessment and recommend remediations where shortcomings are found is known as the _____ team.

  • RM intermediation
  • RM factors
  • RM Framework
  • RM process

Q3. Threat assessment, also known as threat intelligence, is used to review the valuation of the assets that may be at risk.

  • True
  • False

Quiz 4: Understanding Cybersecurity Risk and Risk Management Module Quiz

Q1. In cybersecurity, risk is focused on the loss of confidentiality, integrity, and availability of information assets.

  • True
  • False

Q2. The probability that a specific vulnerability within an organization will be attacked by a threat is called _____.

  • Likelihood
  • Impact
  • Residual
  • Resilience

Q3. The consequence of a loss from the outcome of a successful attack on an information asset, also called the “magnitude of harm,” is known as the _____.

  • likelihood
  • impact
  • result
  • influence

Q4. _____ can be defined as the quantity and nature of risk that the organization is willing to accept as it evaluates the trade-offs between security and accessibility.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q5. _____ can be defined as the risk you have left after you’re done reducing risk to an acceptable level.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q6. In the risk management methodology, finding where and what is the risk is known as _____.

  • risk identification
  • risk isolation
  • risk treatment
  • risk evaluation

Q7. The _____ is a high-level executive who can ensure that all subordinate managers will support the effort, without territory disputes, in-fighting, and other political games that can jeopardize the program.

  • project manager
  • assessment specialist
  • champion

Q8. The team that will perform the risk management assessment and recommend remediations where shortcomings are found is known as the _____ team.

  • RM Framework
  • RM factors
  • RM intermediation
  • RM process

Q9. Threat assessment, also known as threat intelligence, is used to review the valuation of the assets that may be at risk.

  • True
  • False

Q10. In cybersecurity, risk is the probability of loss, damage, destruction or disclosure of an information asset.

  • True
  • False

Week 6: Wrap-up for Cybersecurity Foundations for Risk Management

Quiz: Final Course Assessment

Q1. Which of these is the best definition of cybersecurity?

  • The protection of information in all of its forms, wherever it may exist, through the application of good security practices.
  • The protection of computer systems through the application of good security practices.
  • The protection of information when it is used on a computer system or cybernetic network through the application of good security practices.
  • The application of improved security practices to protect information on cyber-related systems.

Q2. The three core characteristics of information are what give it value. Which of these is not one of those characteristics?

  • authenticity
  • integrity
  • availability
  • confidentiality

Q3. In the context of cybersecurity, _____ is the right of the individual or group to protect themselves and their information from unauthorized access.

  • privacy
  • aggregation
  • utility
  • possession

Q4. A(n) _____ is an instance of an information asset suffering damage or destruction, unintended or unauthorized modification or disclosure, or denial of use.

  • information event
  • data spill
  • loss
  • threat outcome

Q5. Potential weaknesses in an asset or its defensive control systems are known as _____.

Answer:

Q6. A technique used to compromise a system is known as a(n) ____.

Answer: 

Q7. Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) ______.

  • threat
  • spike
  • fault
  • patent

Q8. The creation, ownership, and control of original ideas as well as the representation of those ideas is known as _____.

  • intellectual property
  • information extortion
  • property rights
  • right to privacy

Q9. _____ is the unauthorized entry into the real or virtual property of another party.

  • Trespass
  • Interception
  • Collusion
  • Espionage

Q10. When an employee or other stakeholder of an organization makes a mistake, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • human nature

Q11. If an adversary can increase their level of access by changing the type of access they have from user, to administrator, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • privilege escalation

Q12. When an adversary steals your information, then tries to blackmail you into paying for its return, it is known as _____.

  • ransomfail
  • phishing
  • data mashing
  • information extortion

Q13. _____ are malicious software elements designed to infect a user’s computer and either steal information and send it to the attacker, or damage, destroy or deny service to the computers.

  • viruses and worms
  • clickbait
  • cookies
  • spam

Q14. _____ software looks like legitimate software but is either malware in disguise or legitimate software embedded with malware

  • loanware
  • trojan horse
  • open source
  • greenware

Q15. An attack that attempts to overwhelm a computer target’s ability to handle incoming communications is known as _____.

  • denial of service
  • a virus
  • a worm
  • spam

Q16. An attack in which an attacker intercepts a communications stream between two users or systems and inserts himself in the conversation is known as a(n) _____ attack.

  • denial of service
  • virus
  • man in the middle attack
  • spam

Q17. The category of threat that represents a situation where we must rely on technology that cannot be easily replaced is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

Q18. In a manager’s informational role they _____.

  • collect, process, and use information in order to complete cybersecurity objectives
  • interact with their bosses, employees, co-workers, other organizational stakeholders, and basically anyone involved with or affected by the cybersecurity function
  • make choices by selecting from among alternatives and they resolve conflicts, dilemmas, or challenges related to cybersecurity
  • unilaterally direct all employee computer uses in the organization

Q19. Management and leadership are interchangeable and have the same necessary skills.

  • True
  • False

Q20. Controlling is _____.

  • the activity that focuses on the structuring of resources
  • the administration of employees, making sure you have the right number of people, as well as the right skills within your staff to do the work
  • communicating your plans to your employees, and making sure they are working to help achieve the department’s goals
  • making sure that the department and its employees are making progress towards the objectives that you specified during planning and making sure any problems that come up are solved

Q21. Which of these is not one of the three general categories of Cybersecurity policy?

  • Network Usage Policies (NUPs)
  • Enterprise policy (EISP or ECSP)
  • Issue-Specific Security Policies (ISSPs)
  • System-Specific Policies (SysSPs)

Q22. Cybersecurity professionals have to have _____.

  • technical skills
  • an ability to discuss cybersecurity with non-technical managers
  • an ability to gather requirements from non-technical managers
  • all of these are required

Q23. Those cybersecurity professionals that define cybersecurity can _____

  • handle planning, policy and risk management
  • create security solutions
  • administer or operate cybersecurity program elements
  • handle day-to-day monitoring and operations

Q24. Those cybersecurity professionals that build cybersecurity can _____

  • handle planning, policy and risk management
  • create security solutions
  • administer or operate cybersecurity program elements
  • perform day-to-day monitoring and operations

Q25. The _____ develops the strategic plans for the cybersecurity function.

  • CIO
  • CFO
  • CISO
  • CEO

Q26. The job with the title of _____ is frequently called on to manage the day-to-day operations of security technology as well as to assist in training programs, developing policies.

  • CISO
  • cybersecurity manager
  • security technician
  • security administrator

Q27. The job with the title of _____ is someone who may configure security technologies like firewalls and IDPSs, implement security software, diagnose and troubleshoot problems with cybersecurity technologies

  • CISO
  • cybersecurity manager
  • security engineer
  • security administrator

Q28. In recent years, there is a strong trend to make cybersecurity the responsibility of _____.

  • the highest ranking computer manager
  • a middle-level manager
  • the highest ranking security executive
  • the upper levels of management to include the boards of directors

Q29. _____ is an approach to cybersecurity management requiring direct oversight by the board of directors or senior management.

  • Governance, risk management, and compliance (GRC)
  • People, plans, and practices (PPP)
  • Information technology governance inference (ITGI)
  • Computing governance technical framework (CGTF)

Q30. Cybersecurity governance, if properly implemented, can yield _____ benefits.

  • some
  • significant
  • few
  • no

Q31. The ISO 27014:2013 is the ISO 27000 series standard for _____.

  • governance of information security
  • risk management
  • compliance to standards
  • disaster recovery

Q32. What is a system development lifecycle or SDLC approach?

  • An approach to plan the hiring of a new systems manager.
  • A way to develop a new personnel evaluation approach.
  • A framework used to hire a design consultant.
  • A methodology for the design and implementation of a system or program.

Q33. Where does the name ‘waterfall model’ come from?

  • It is an acronym for the phases in the model.
  • It is the name of the person who first developed the model.
  • The work products of each phase fall into the next phase to serve as its starting point.
  • The first project it was used on was a redevelopment project for a waterfall.

Q34. The _____ phase of the SecSDLC begins with instructions from upper management specifying the process, outcomes, and goals of the project as well as its budget and other constraints.

  • analysis
  • implementation
  • design
  • investigation

Q35. The _____ phase of the SecSDLC is where the components of the recommended program are acquired, tested, implemented, and retested.

  • analysis
  • implementation
  • design
  • investigation

Q36. In the area of system development CIP stands for _____.

  • complementary innovation project
  • cybersecurity implementation plan
  • continuous improvement program
  • certified integrity plan

Q37. What are ‘non-normal’ operations?

  • What our organization does when the unexpected happens
  • What our organization does when customers are unhappy
  • What our organization does in routine operations
  • What our organization does when there are no tasks to be done immediately

Q38. Contingency planning is accomplished with all of the following except _____.

  • good luck
  • technical measures
  • plans
  • procedures

Q39. When something has gone wrong, the organization should respond _____.

  • instantly, whether ready to act or not
  • promptly, but in a measured and responsible way
  • quickly, in order to minimize losses
  • slowly, to make sure the proper actions are taken

Q40. The BIA is also known as the _____.

  • Business Impact Assay
  • Business Impact Analysis
  • Business Influence Assessment
  • Business Integration Analysis

Q41. A(n) _____ is an adverse event that could result in the loss, damage, destruction, or disclosure of an information asset.

  • outcome
  • disaster
  • incident
  • escalation

Q42. Crisis management planning is focused on the _____.

  • recovery of business data
  • people aspects of incidents or disasters
  • resumption of IT services
  • resumption of customer revenue

Q43. In cybersecurity, risk is focused on the loss of confidentiality, integrity, and availability of information assets.

  • True
  • False

Q44. The probability that a specific vulnerability within an organization will be attacked by a threat is called _____.

  • likelihood
  • impact
  • residual
  • resilience

Q45. The consequence of a loss from the outcome of a successful attack on an information asset, also called the “magnitude of harm,” is known as the _____.

  • likelihood
  • impact
  • result
  • influence

Q46. _____ can be defined as the quantity and nature of risk that the organization is willing to accept as it evaluates the trade-offs between security and accessibility.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q47. _____ can be defined as the risk you have left after you’re done reducing risk to an acceptable level.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q48. In the risk management methodology, finding where and what is the risk is known as _____.

  • risk identification
  • risk isolation
  • risk treatment
  • risk evaluation

Q49. The _____ is a high-level executive who can ensure that all subordinate managers will support the effort, without territory disputes, in-fighting, and other political games that can jeopardize the program.

  • project manager
  • assessment specialist
  • champion

Q50. The team that will perform the risk management assessment and recommend remediations where shortcomings are found is known as the _____ team.

  • RM factors
  • RM Framework
  • RM intermediation
  • RM process