INFORMATION SECURITY FUNDAMENTALS
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Copyright © 2004 by Course Technology. All rights reserved.This publication is protected by federal copyright law. No part of this publication<br />
may be reproduced without prior permission in writing from Course Technology. Some of the product names and company names have been<br />
used for identification purposes only and may be trademarks or registered trademarks of their respective manufactures and sellers.<br />
8 Chapter 1 Information Security Fundamentals<br />
3. What is the risk to the company of the event occurring?<br />
Risk refers to the company’s ability to protect itself in the face of the event<br />
occurring, not to the likelihood of the event happening.<br />
4. Rate the potential risk as:<br />
■ Low—Requires some attention and consideration for safeguard implementation<br />
as good business practice<br />
■ Moderate—Requires attention and safeguard implementation in the near<br />
future<br />
■ High—Requires immediate attention and safeguard implementation<br />
Certification Objectives<br />
Objectives for CompTIA Security+ Exam:<br />
Operational/Organizational Security: Risk Assessment<br />
Review Questions<br />
1. A company puts a in place to protect against an attack.<br />
a. risk<br />
b. safeguard<br />
c. vulnerability<br />
d. threat<br />
2. Risk refers to a company’s ability to protect itself from the likelihood of an<br />
event occurring.True or False?<br />
3. A is considered a breakdown in company protection.<br />
a. risk<br />
b. safeguard<br />
c. vulnerability<br />
d. threat<br />
4. Which of the following are considered safeguards?<br />
a. after-hours security<br />
b. surveillance cameras<br />
c. firewalls<br />
d. all of the above