Play It Safe: Manage Security Risks Weekly challenge 1 Quiz Answers
In this article I am going to share the Coursera course Play It Safe: Manage Security Risks | Weekly challenge 1 Quiz Answers with you.
Question 1)
Fill in the blank: Security _____ refers to an organization’s ability to manage its defense of critical assets and data, as well as its ability to react to change.
- hardening
- architecture
- posture
- governance
Question 2)
Which of the following examples are key focus areas of the security and risk management domain? Select three answers.
- Be in compliance
- Mitigate risk
- Secure digital and physical assets
- Define security goals and objectives
Question 3)
What is the goal of business continuity?
- Destroy publicly available data
- Remove access to assets
- Maintain everyday productivity
- Reduce personnel
Question 4)
Shared responsibility is a core concept of which domain?
- Security and risk management
- Asset security
- Security architecture and engineering
- Communication and network security
Question 5)
A security analyst researches ways to improve access and authorization at their business. Their primary goal is to keep data secure. Which security domain does this scenario describe?
- Communication and network security
- Security assessment and testing
- Asset security
- Identity and access management
Question 6)
What are the key areas of focus in the security assessment and testing domain? Select three answers.
- Perform security audits
- Use secure coding practices
- Collect and analyze data
- Conduct security control testing
Question 7)
Fill in the blank: The software development _____ process may involve penetration testing during the deployment and implementation phase of developing software products.
- lifecycle
- access
- operational
- positioning
Question 8)
Which of the following statements accurately describe risk? Select all that apply.
- If compromised, a medium-risk asset may cause some damage to an organization’s reputation.
- Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved.
- Assets with SPII, PII, or intellectual property are examples of high-risk assets.
- If compromised, a low-risk asset would not require ongoing monitoring or action.
Question 9)
A business experiences an attack. As a result, a major news outlet reports the attack, which creates bad press for the organization. What type of consequence does this scenario describe?
- Damage to reputation
- Increase in profits
- Loss of identity
- Lack of engagement
Question 10)
In the Risk Management Framework (RMF), which step involves being aware of how systems are operating?
- Implement
- Monitor
- Authorize
- Categorize
Question 11)
Fill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.
- tasks
- competition
- change
- sustainability
Question 12)
Which of the following examples are key focus areas of the security and risk management domain? Select three answers.
- Maintain business continuity
- Follow legal regulations
- Define security goals
- Conduct control testing
Question 13)
What term describes an organization’s ability to maintain its everyday productivity by establishing risk disaster recovery plans?
- Business continuity
- Recovery
- Mitigation
- Daily defense
Question 14)
What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?
- Employee retention
- Secure coding
- Shared responsibility
- Remote services
Question 15)
Which of the following activities may be part of establishing security controls? Select three answers.
- Monitor and record user requests
- Implement multi-factor authentication
- Collect and analyze security data regularly
- Evaluate whether current controls help achieve business goals
Question 16)
Fill in the blank: The software development _____ process may involve performing secure code reviews during the development and testing phases of software design.
- operations
- sequencing
- handling
- lifecycle
Question 17)
A business experiences an attack. As a result, its critical business operations are interrupted and it faces regulatory fines. What type of consequence does this scenario describe?
- Practical
- Identity
- Financial
- Reputation
Question 18)
Which of the following examples are key focus areas of the security and risk management domain? Select three answers.
- Maintain business continuity
- Follow legal regulations
- Store data properly
- Mitigate risk
Question 19)
Which of the following statements accurately describe risk? Select all that apply.
- If compromised, a low-risk asset would have a severe negative impact on an organization’s ongoing reputation.
- A high-risk asset is any information protected by regulations or laws.
- If compromised, a medium-risk asset may cause some damage to an organization’s ongoing operations.
- Another way to think of risk is the likelihood of a threat occurring.
Question 20)
In the Risk Management Framework (RMF), which step notes the importance of being accountable for potential risks and may involve generating reports or developing plans of action?
- Prepare
- Authorize
- Select
- Categorize
Question 21)
According to the concept of shared responsibility, how can an organization reduce risk and maintain security?
- Limit employee communication
- Establish a cross-functional workplace
- Ensure all employees take an active role in the process
- Avoid collaborative management approaches
Question 22)
A security analyst verifies users and monitors employees’ login attempts. The goal is to keep the business’s assets secure. Which security domain does this scenario describe?
- Security operations
- Identity and access management
- Communication and network security
- Security assessment and testing
Question 23)
Fill in the blank: The software development _____ process may involve performing a secure design review when building software products.
- staging
- operations
- lifecycle
- functionality
Question 24)
A business experiences an attack. As a result, sensitive personally identifiable information (SPII) is leaked through the dark web. What type of consequence does this scenario describe?
- Reputation
- Customer
- Identity theft
- Financial gain
Question 25)
How does business continuity enable an organization to maintain everyday productivity?
- By establishing risk disaster recovery plans
- By exploiting vulnerabilities
- By outlining faults to business policies
- By ensuring return on investment
Question 26)
How does security control testing enable companies to identify new and better ways to mitigate threats? Select two answers.
- By granting employee access to physical spaces
- By revising project milestones
- By evaluating whether the current controls help achieve goals
- By examining organizational goals and objectives
Question 27)
Fill in the blank: Security posture refers to an organization’s ability to react to change and manage its defense of _____ and critical assets.
- consequences
- gaps
- domains
- data
Question 28)
A security analyst considers ways to enhance data security at their business. They decide to write a proposal to their supervisor that concerns employee authorization and asset management. Which security domain does this scenario describe?
- Communication and network security
- Software development security
- Security assessment and testing
- Identity and access management
Question 29)
Which of the following statements accurately describe risk? Select all that apply.
- Website content or published research data are examples of low-risk assets.
- Organizations often rate risks at different levels: low, medium, and high.
- If compromised, a high-risk asset is unlikely to cause financial damage.
- If compromised, a medium-risk asset may cause some damage to an organization’s finances.
Question 30)
In the Risk Management Framework (RMF), which step involves having effective security and privacy plans in place in order to minimize the impact of ongoing risks?
- Prepare
- Categorize
- Authorize
- Implement