Fill in the blank: In an internal security audit, _____ refers to identifying people, assets, policies, procedures, and technologies that might impact an organization’s security posture.1 pointscopecompleting a controls assessmentimplementing administrative controlsgoals

Fill in the blank: In an internal security audit, _____ involves identifying potential threats, risks, and vulnerabilities in order to decide what security measures should be implemented.1 pointconducting a risk assessmentestablishing the scope and goalscommunicating to stakeholdersassessing compliance

A security analyst performs an internal security audit. They review their company’s existing assets, then evaluate potential risks to those assets. Which aspect of a security audit does this scenario describe?1 pointEstablishing the scope and goalsCompleting a controls assessmentAssessing complianceCommunicating results

What are some of the primary objectives of an internal security audit? Select three answers.1 pointImprove security postureDevelop a guiding security statement for the businessHelp security teams identify organizational riskAvoid fines due to a lack of compliance

What occurs during a security audit?1 pointReview of an organization’s security records, activities, and other related documentsPrioritizing tasks, processes, and proceduresEthical hacking of an organization's internal network to identify vulnerabilitiesAnalyzing the efficiency of an organization's internal network

10.Question 10What information is typically communicated to stakeholders after completion of an internal security audit? Select three answers.1 pointQuestions about specific controlsA summary of the scopeResults and recommendationsA list of existing risks