file:///C:/Users/bpankey/CRISC/criscPracticeQuiz_fall2011_AnswerSheet.htm
Answer Sheet
CRISC Fall 2011 Practice Quiz #1
1) What is the most significant risk for the online retailer?
( ) Criminal Internet hacker
(x) Denial of service
( ) PCI DSS non-compliance
( ) Poor change management
2) Preventive controls are most appropriate where
( ) Event frequency is high
(x) Impact is high
( ) Timely detect controls are unavailable
( ) Event frequency is low but impact very large
12/8/2011 1:32 PM
6) Which of the following risk scenarios is least appropriate for an enterprise IT-related risk register?
( ) Project delivery
( ) Service provider performance (3rd Party)
( ) Natural disaster
(x) Earthquake
8) The statement that "Industry surveys report losses of corporate laptops exceeding 10% per annum" does not effectively communicate risk because?
(x) Does not calculate the impact of a lost laptop
( ) Fails to account for Enterprise controls
( ) Does not identify rate of recovery
( ) Does not account for Enterprise plan to migrate to smart phones