Control Types
Dealing with Risk
Quantitative Risk
Deflecting Risk
RTO
100
Access control list
What is a technical control?
100
What it's called when a report does not identify an actual threat.
What is a false negative?
100
Lisa needs to calculate the total ALE for a group of servers used in the network. During the past two years, five of the servers failed. The hardware cost to replace each server is $3,500, and the downtime has resulted in $2,500 of additional losses. What is the ALE?
What is $10,000?
100
Choosing not to participate in an activity
What is risk-avoidance?
100
MTTR
What is mean time to repair?
200
Acquiring new systems or services
What is management security control?
200
Jodi, a security administrator, needs to get her coworkers' opinions to evaluate the current risk. What type of risk assessment is this?
What is qualitative risk assessment?
200
Bob needs to calculate the total ALE for a group of servers used in the network. During the past three years, 6 of the servers failed. The hardware cost to replace each server is $2,000. What is the ALE?
What is $4,000?
200
Putting security measures in place to lower the risk
What is risk mitigation?
200
RPO
What is recovery point objective?
300
Performing an audit
What is technical security control?
300
Embedded links, attached files, fake sites, and rogue access points are all examples of this.
What are threat vectors?
300
Justin needs to calculate the SLE for switches on the network. During the past year, 10 of the switches failed. The current overall cost for all switches has been $20,000. What is the SLE?
What is $2,000?
300
Putting a fence around the workplace
What is risk deterrence?
300
RTO
What is recovery time objective?
400
Security guards
What is operational security control?
400
This is a report that isn't true.
What is a false positive?
400
Lisa needs to calculate the total ALE for a group of servers used in the network. During the past five years, five of the servers failed. The hardware cost to replace each server is $4,000, and the downtime has resulted in $5,000 of additional losses. What is the ALE?
What is $5,000?
400
Buying insurance
What is risk transference?
400
MTBF
What is mean time between failures?
500
Evaluating risk based on the quantitative model
What is management security control?
500
These are the primary reasons we apply new patches for software.
What are vulnerabilities?
500
You need to calculate the ALE for a server. The value of the server is $3,000, but it has crashed 10 times in the past year. Each time it crashed, it resulted in a 10% loss. What is the ALE?
What is $3,000?
500
A business decision to pay out of pocket for a risk
What is risk acceptance?
500
MTTF
What is mean time to failure?