Reduce Cyber Risk Podcast artwork

RCR 090: CISSP Exam Questions for Risk Analysis – CISSP Training and Study!

Reduce Cyber Risk Podcast

English - April 08, 2020 17:00 - 6 minutes - 9.71 MB - ★★★★★ - 16 ratings
Technology Business cybersecurity cissp cybersecuritycourse cybersecurityforbeginners cybersecurityfundamentals cybersecuritynews cybersecuritytraining isc2 itsecurity learncybersecurityfree Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: RCR 089: Trusted Computing Base and the CISSP – CISSP Training and Study!
Next Episode: RCR 091: CISSP Exam Questions for Risk Management – CISSP Training and Study!

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.   

BTW - Get access to all my Free Content and CISSP Training Courses here at:  https://shongerber.com/  

Available Courses:   

CISSP Training Course - https://www.shongerber.com/offers/zYsL6MCB  CISO Training Course - https://www.shongerber.com/offers/zd2RbL6o 

CISSP Exam Questions 

Question:  153 

 Which commercial business/private sector data classification is used to control information about individuals within an organization? 

A) Confidential 

B) Private 

C) Sensitive 

D) Proprietary 

 

Private 

 

The commercial business/private sector data classification of private is used to protect information about individuals. 

 

https://www.brainscape.com/subjects/cissp-domains 

------------------------------------ 

  

Question:  154 

Which of the following is not an element of the risk analysis process? 

A) Analyzing an environment for risks 

B) Creating a cost/benefit report for safeguards to present to upper management 

C) Selecting appropriate safeguards and implementing them 

D) Evaluating each threat event as to its likelihood of occurring and cost of the resulting damage 

 

Selecting appropriate safeguards and implementing them 

Risk analysis includes analyzing an environment for risks, evaluating each threat event as to its likelihood of occurring and the cost of the damage it would cause, assessing the cost of various countermeasures for each risk, and creating a cost/benefit report for safeguards to present to upper management. Selecting safeguards is a task of upper management based on the results of risk analysis. It is a task that falls under risk management, but it is not part of the risk analysis process. 

https://www.brainscape.com/subjects/cissp-domains 

------------------------------------ 

  

Question:  155 

Which of the following is not a defense against collusion? 

A) Separation of duties 

B) Restricted job responsibilities 

C) Group user accounts 

D) Job rotation 

 

Group user accounts 

 

Group user accounts allow for multiple people to log in under a single user account. This allows collusion because it prevents individual accountability. 

https://www.brainscape.com/subjects/cissp-domains 

 

Want to find Shon elsewhere on the internet? 

LinkedIn – www.linkedin.com/in/shongerber 

Facebook - https://www.facebook.com/CyberRiskReduced/ 

  

LINKS:  

ISC2 Training Study Guide  https://www.isc2.org/Training/Self-Study-Resources 

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.   

BTW - Get access to all my Free Content and CISSP Training Courses here at:  https://shongerber.com/  

Available Courses:   

CISSP Training Course - https://www.shongerber.com/offers/zYsL6MCB  CISO Training Course - https://www.shongerber.com/offers/zd2RbL6o 

CISSP Exam Questions 

Question:  153 

 Which commercial business/private sector data classification is used to control information about individuals within an organization? 

A) Confidential 

B) Private 

C) Sensitive 

D) Proprietary 

 

Private 

 

The commercial business/private sector data classification of private is used to protect information about individuals. 

 

https://www.brainscape.com/subjects/cissp-domains 

------------------------------------ 

  

Question:  154 

Which of the following is not an element of the risk analysis process? 

A) Analyzing an environment for risks 

B) Creating a cost/benefit report for safeguards to present to upper management 

C) Selecting appropriate safeguards and implementing them 

D) Evaluating each threat event as to its likelihood of occurring and cost of the resulting damage 

 

Selecting appropriate safeguards and implementing them 

Risk analysis includes analyzing an environment for risks, evaluating each threat event as to its likelihood of occurring and the cost of the damage it would cause, assessing the cost of various countermeasures for each risk, and creating a cost/benefit report for safeguards to present to upper management. Selecting safeguards is a task of upper management based on the results of risk analysis. It is a task that falls under risk management, but it is not part of the risk analysis process. 

https://www.brainscape.com/subjects/cissp-domains 

------------------------------------ 

  

Question:  155 

Which of the following is not a defense against collusion? 

A) Separation of duties 

B) Restricted job responsibilities 

C) Group user accounts 

D) Job rotation 

 

Group user accounts 

 

Group user accounts allow for multiple people to log in under a single user account. This allows collusion because it prevents individual accountability. 

https://www.brainscape.com/subjects/cissp-domains 

 

Want to find Shon elsewhere on the internet? 

LinkedIn – www.linkedin.com/in/shongerber 

Facebook - https://www.facebook.com/CyberRiskReduced/ 

  

LINKS:  

ISC2 Training Study Guide  https://www.isc2.org/Training/Self-Study-Resources