Stepping Through Cybersecurity Risk Management

by Jennifer L. Bayuk
March 2024
Content level: Beginner
336 pages
10h 10m
English
Wiley
Content preview from Stepping Through Cybersecurity Risk Management

Appendix Exercises in FrameCyber

Chapter 1 Framework Elements

A True/False Questions

  1. Is it true or false that an enterprise cybersecurity framework can establish how technology supports business objectives’ design flaws?
  2. Is it true or false that risk issues are always identified via assessments?
  3. Is it true or false that standards and regulations measure cybersecurity risk?
  4. Is it true or false that an event that has occurred brings the probability of an event in its risk category to 100%?
  5. Is it true or false that risk managers rely on business managers for information required to evaluate cybersecurity risk?

B Multiple Choice

  1. What is the difference between a risk issue and a risk register?
    1. A risk issue is a preliminary draft of an entry in a risk register.
    2. A risk issue is monitored with metrics, but risks are not.
    3. A risk issue presents evidence that is helpful in evaluating risk; a risk register lists the risks themselves.
    4. There is no difference; they are the same thing.
  2. In what sense do standards and regulations measure cybersecurity risk?
    1. Standards and regulations provide comprehensive yardsticks by which to measure cybersecurity risk.
    2. Standards and regulations present control requirements that reduce risk.
    3. Standards and regulations can be used to identify potential cybersecurity risk issues.
    4. Standards and regulations are of minimal utility in measuring cybersecurity risk.
  3. Why might an enterprise maintain a threat catalog?
    1. Because most standards and regulations ...

Publisher Resources

ISBN: 9781394213955