Quiz
Question 1
What is risk?
Solution
The occurrence of an event is uncertain, with the possibility of bringing positive and/or negative impacts.
Question 2
In lecture video 1.2, Prof. Dias mentioned that an internal man-made threat is more serious than an external man-made threat. Why is that so?
Solution
An internal man-made threat is relatively more difficult to prevent, because a staff member who intends to steal digital assets has already been granted the corresponding access rights to those assets according to his/her role.
Question 3
When determining the risk level of an event, which two elements of that event should be assessed?
Question 4
When making decisions to mitigate a risk, which of the following statements is NOT correct?
Question 5
After the remaining risk has been transferred to a third party following completion of the risk mitigation exercise, which of the following statements is correct?
Solution
The same risk level remains; however, the impact posed by the relevant event will be compensated by the third party.
Question 6
When is the best time to conduct risk re-evaluation against an activity?
Question 7
Which of the following is a detective control to address unauthorized network access?
Question 8
Preventive controls could prevent a risk being realized. Should we only implement preventive controls?
Solution
No – none of the preventive, detective and corrective controls can mitigate risk effectively on its own, and not every risk can be prevented or detected, so implementing a combination of these types of controls would provide the best protection to the organisation.
Question 9
What is the control category of “data backup and restoration”?
Question 10
Your company is looking into the feasibility of building the data center near the coast and your supervisor would like you to conduct a risk assessment exercise. How would you get started?