Which of the following examples are key focus areas of the security and risk management domain? Select three answers.1 pointMitigate riskMaintain business continuityFollow legal regulationsStore data properly

Which of the following tasks are part of the security and risk management domain? Select all that apply.1 pointBusiness continuitySecuring physical assetsDefining security goals and objectivesCompliance

What is the focus of the security and risk management domain?1 pointManage and secure wireless communicationsSecure physical networks and wireless communicationsDefine security goals and objectives, risk mitigation, compliance, business continuity, and regulationsOptimize data security by ensuring effective processes are in place3.Question 3

Question 5Which domain involves defining security goals and objectives, risk mitigation, compliance, business continuity, and the law?1 pointIdentity and access managementSecurity architecture and engineeringSecurity and risk managementSecurity assessment and testing

1.Question 1Fill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.1 pointcompetitionsustainabilitytaskschange2.Question 2Which of the following examples are key focus areas of the security and risk management domain? Select three answers.1 pointConduct control testingDefine security goalsFollow legal regulationsMaintain business continuity3.Question 3What term describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans?1 pointRecoveryBusiness continuityMitigationDaily defense4.Question 4What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?1 pointRemote servicesEmployee retention Secure codingShared responsibility 5.Question 5A security analyst verifies users and monitors employees’ login attempts. The goal is to keep the business’s assets secure. Which security domain does this scenario describe?1 pointCommunication and network securitySecurity assessment and testingSecurity operationsIdentity and access management 6.Question 6A security analyst is asked to conduct a security audit to identify vulnerabilities. Which security domain is this task related to?1 pointSoftware development securitySecurity architecture and engineeringSecurity assessment and testingCommunication and network security7.Question 7Fill in the blank: When working in the software development security domain, security team members can use each phase of the software development _____ to conduct security reviews and ensure that security can be fully integrated into software products.1 pointsequencinglifecyclehandlingoperations8.Question 8Which of the following statements accurately describe risk? Select all that apply.1 pointIf compromised, a low-risk asset would not require ongoing monitoring or action.Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved.If compromised, a medium-risk asset may cause some damage to an organization's reputation. Assets with SPII, PII, or intellectual property are examples of high-risk assets.9.Question 9A business experiences an attack. As a result, a major news outlet reports the attack, which creates bad press for the organization. What type of consequence does this scenario describe?1 pointLoss of identityIncrease in profitsLack of engagementDamage to reputation10.Question 10Fill in the blank: In the Risk Management Framework (RMF), the _____ step might involve implementing a plan to change password requirements in order to reduce requests to reset employee passwords.1 pointimplementauthorizecategorizeprepare

Question 9Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?1 pointCommunication and network securityIdentity and access managementSecurity and risk managementSecurity assessment and testing