Fill in the blank: Security _____ refers to an organization’s ability to manage its defense of critical assets and data, as well as its ability to react to change.1 pointgovernancehardening posturearchitecture

ill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.1 pointtaskschangecompetitionsustainability

1.Question 1Fill in the blank: Security posture refers to an organization’s ability to react to _____ and manage its defense of critical assets and data.1 pointcompetitionsustainabilitytaskschange2.Question 2Which of the following examples are key focus areas of the security and risk management domain? Select three answers.1 pointConduct control testingDefine security goalsFollow legal regulationsMaintain business continuity3.Question 3What term describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans?1 pointRecoveryBusiness continuityMitigationDaily defense4.Question 4What security concept involves all individuals in an organization taking an active role in reducing risk and maintaining security?1 pointRemote servicesEmployee retention Secure codingShared responsibility 5.Question 5A security analyst verifies users and monitors employees’ login attempts. The goal is to keep the business’s assets secure. Which security domain does this scenario describe?1 pointCommunication and network securitySecurity assessment and testingSecurity operationsIdentity and access management 6.Question 6A security analyst is asked to conduct a security audit to identify vulnerabilities. Which security domain is this task related to?1 pointSoftware development securitySecurity architecture and engineeringSecurity assessment and testingCommunication and network security7.Question 7Fill in the blank: When working in the software development security domain, security team members can use each phase of the software development _____ to conduct security reviews and ensure that security can be fully integrated into software products.1 pointsequencinglifecyclehandlingoperations8.Question 8Which of the following statements accurately describe risk? Select all that apply.1 pointIf compromised, a low-risk asset would not require ongoing monitoring or action.Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved.If compromised, a medium-risk asset may cause some damage to an organization's reputation. Assets with SPII, PII, or intellectual property are examples of high-risk assets.9.Question 9A business experiences an attack. As a result, a major news outlet reports the attack, which creates bad press for the organization. What type of consequence does this scenario describe?1 pointLoss of identityIncrease in profitsLack of engagementDamage to reputation10.Question 10Fill in the blank: In the Risk Management Framework (RMF), the _____ step might involve implementing a plan to change password requirements in order to reduce requests to reset employee passwords.1 pointimplementauthorizecategorizeprepare

Fill in the blank: A security _____ is a review of an organization's security controls, policies, and procedures against a set of expectations.1 pointclassificationexaminationauditsurvey

What term is used to describe the process of making something more secure, typically by implementing a secure configuration or adding something to improve security?1 pointHardenControlAvoidanceCIA

Fill in the blank: A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy.1 pointregulationcontrolframeworklifecycle