1. Security posture refers to an organization’s ability to react to change and manage its defense of critical assets and data.

2. The key focus areas of the security and risk management domain are: Conduct control testing, Define security goals, Maintain business continuity.

3. The term that describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans is Business continuity.

4. The security concept that involves all individuals in an organization taking an active role in reducing risk and maintaining security is Shared responsibility.

5. The security domain that describes a scenario where a security analyst verifies users and monitors employees’ login attempts to keep the business’s assets secure is Identity and access management.

6. The security domain that a security analyst is asked to conduct a security audit to identify vulnerabilities is related to Security assessment and testing.

7. When working in the software development security domain, security team members can use each phase of the software development lifecycle to conduct security reviews and ensure that security can be fully integrated into software products.

8. The statements that accurately describe risk are: Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved. If compromised, a medium-risk asset may cause some damage to an organization's reputation. Assets with SPII, PII, or intellectual property are examples of high-risk assets.

9. The type of consequence that describes a scenario where a business experiences an attack, and as a result, a major news outlet reports the attack, which creates bad press for the organization is Damage to reputation.

10. In the Risk Management Framework (RMF), the implement step might involve implementing a plan to change password requirements in order to reduce requests to reset employee passwords.

Question

1. Security posture refers to an organization’s ability to react to change and manage its defense of critical assets and data.

2. The key focus areas of the security and risk management domain are: Conduct control testing, Define security goals, Maintain business continuity.

3. The term that describes an organization's ability to maintain its everyday productivity by establishing risk disaster recovery plans is Business continuity.

4. The security concept that involves all individuals in an organization taking an active role in reducing risk and maintaining security is Shared responsibility.

5. The security domain that describes a scenario where a security analyst verifies users and monitors employees’ login attempts to keep the business’s assets secure is Identity and access management.

6. The security domain that a security analyst is asked to conduct a security audit to identify vulnerabilities is related to Security assessment and testing.

7. When working in the software development security domain, security team members can use each phase of the software development lifecycle to conduct security reviews and ensure that security can be fully integrated into software products.

8. The statements that accurately describe risk are: Determining whether a risk is low, medium, or high depends on the possible threat and the asset involved. If compromised, a medium-risk asset may cause some damage to an organization's reputation. Assets with SPII, PII, or intellectual property are examples of high-risk assets.

9. The type of consequence that describes a scenario where a business experiences an attack, and as a result, a major news outlet reports the attack, which creates bad press for the organization is Damage to reputation.

10. In the Risk Management Framework (RMF), the implement step might involve implementing a plan to change password requirements in order to reduce requests to reset employee passwords.

Knowee AI · Accepted Answer