1. Foundations of Security
Risk Management — Quiz
Test your understanding of risk management with 5 practice questions.
Practice Questions
Question 1
Which of the following risk assessment methodologies focuses on a top-down approach, starting with organizational objectives and systematically identifying risks that could impact those objectives?
Question 2
In the context of quantitative risk analysis, if the Annualized Loss Expectancy (ALE) for a specific risk is calculated as $ ALE = ARO \times SLE $, where ARO is the Annualized Rate of Occurrence and SLE is the Single Loss Expectancy, what is the primary challenge in accurately determining the Single Loss Expectancy (SLE) for intangible assets like reputation or customer trust?
Question 3
A security team is evaluating a new intrusion detection system (IDS) that costs $ \$75,000 $ annually. The IDS is expected to reduce the Annualized Loss Expectancy (ALE) from $ \$200,000 $ to $ \$80,000 $. What is the Return on Security Investment (ROSI) for this control?
Question 4
Which of the following best describes the 'risk avoidance' strategy in risk management?
Question 5
In a qualitative risk assessment, a risk matrix is used to categorize risks. If a specific risk is plotted as 'High' likelihood and 'Critical' impact, what is the most appropriate immediate strategic response?
