Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?
A. Incident management
B. Server clustering
C. Change management
D. Forensic analysis
CompTIA exam questions
Which of the following is the BEST approach to perform risk mitigation of user access control rights?
A. Conduct surveys and rank the results.
B. Perform routine user permission reviews.
C. Implement periodic vulnerability scanning.
D. Disable user accounts that have not been used within the last two weeks.
Identifying residual risk is MOST important to which of the following concepts?
A. Risk deterrence
B. Risk acceptance
C. Risk mitigation
D. Risk avoidance
Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege principles?
A. User rights reviews
B. Incident management
C. Risk based controls
D. Annual loss expectancy
Which of the following BEST represents the goal of a vulnerability assessment?
A. To test how a system reacts to known threats
B. To reduce the likelihood of exploitation
C. To determine the system’s security posture
D. To analyze risk mitigation strategies
The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture.
Which of the following risk mitigation strategies is MOST important to the security manager?
A. User permissions
B. Policy enforcement
C. Routine audits
D. Change management
Users in the HR department were recently informed that they need to implement a user training and awareness program which is tailored to their department. Which of the following types of training would be the MOST appropriate for this department?
A. Handling PII
B. Risk mitigation
C. Input validation
D. Hashing
A systems administrator has made several unauthorized changes to the server cluster that resulted in a major outage. This event has been brought to the attention of the Chief Information Officer (CIO), who has requested that a risk mitigation strategy be implemented immediately to prevent this type of event from reoccurring. Which of the following would be the BEST risk mitigation strategy to implement in order to meet this request?
A. Asset Management
B. Change Management
C. Configuration Management
D. Incident Management
Identifying residual risk is MOST important to which of the following concepts?
A. Risk deterrence
B. Risk acceptance
C. Risk mitigation
D. Risk avoidance