| Question.41 You are preparing to start the qualitative risk analysis process for your project. You will be relying on some organizational process assets to influence the process. Which one of the following is NOT a probable reason for relying on organizational process assets as an input for qualitative risk analysis? (A) Information on prior, similar projects (B) Review of vendor contracts to examine risks in past projects (C) Risk databases that may be available from industry sources (D) Studies of similar projects by risk specialists |
41. Click here to View Answer
Correct Answer: B
| Question.42 System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan? Each correct answer represents a part of the solution. Choose all that apply. (A) Pre-certification (B) Certification (C) Post-certification (D) Authorization (E) Post-Authorization |
42. Click here to View Answer
Correct Answer: A, B, D & E
| Question.43 A part of a project deals with the hardware work. As a project manager, you have decided to hire a company to deal with all hardware work on the project. Which type of risk response is this? (A) Avoidance (B) Mitigation (C) Exploit (D) Transference |
43. Click here to View Answer
Correct Answer: D
| Question.44 Risks with low ratings of probability and impact are included on a ____ for future monitoring. (A) Watchlist (B) Risk alarm (C) Observation list (D) Risk register |
44. Click here to View Answer
Correct Answer: A
| Question.45 Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply. (A) Social engineering (B) File and directory permissions (C) Buffer overflows (D) Kernel flaws (E) Race conditions (F) Information system architectures (G) Trojan horses |
45. Click here to View Answer
Correct Answer: A, B, C, D, E & G