Free CISMP-V9 Exam Braindumps (page: 5)

Page 5 of 26

You are undertaking a qualitative risk assessment of a likely security threat to an information system. What is the MAIN issue with this type of risk assessment?

  A. These risk assessments are largely subjective and require agreement on rankings beforehand.
  B. Dealing with statistical and other numeric data can often be hard to interpret.
  C. There needs to be a large amount of previous data to "train" a qualitative risk methodology.
  D. It requires the use of complex software tools to undertake this risk assessment.

Answer(s): D



When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?

  A. Risk = Likelihood * Impact.
  B. Risk = Likelihood / Impact.
  C. Risk = Vulnerability / Threat.
  D. Risk = Threat * Likelihood.

Answer(s): C



Which of the following is an accepted strategic option for dealing with risk?

  A. Correction.
  B. Detection.
  C. Forbearance.
  D. Acceptance.

Answer(s): A



What is the KEY purpose of appending security classification labels to information?

  A. To provide guidance and instruction on implementing appropriate security controls to protect the information.
  B. To comply with whatever mandatory security policy framework is in place within the geographical location in question.
  C. To ensure that should the information be lost in transit, it can be returned to the originator using the correct protocols.
  D. To make sure the correct colour-coding system is used when the information is ready for archive.

Answer(s): A






Post your Comments and Discuss BCS CISMP-V9 exam with other Community members:

bob commented on September 09, 2024
clarification on the level of standards and policy
UNITED STATES

Lovedeep commented on March 30, 2024
To other guys out there who are going to take this exam. I want to share with you that this exam is extremely hard. Unless you study a lot and use these exam question dumps, you are not going to pass. I passed my exam after 2 attempts, but these questions are word for word and were a life saver.
UNITED KINGDOM

Noobtastic commented on March 29, 2024
In a security governance framework, which of the following publications would be at the HIGHEST level? The answer should be policy.
UNITED KINGDOM

dave commented on March 29, 2024
Question 8, from the official BCS textbook: "A policy is a high-level statement of an organisation’s values, goals and objectives in a specific area"
Anonymous

dave commented on March 29, 2024
Question 2 answer is wrong. Availability is not one of AAA.
Anonymous

sarra commented on January 17, 2024
The AAA triad in information security is authentication, accounting and authorisation, so the answer should be D: 1, 3 and 5.
UNITED KINGDOM

Nikki commented on November 07, 2023
The AAA Triad in Information Security is Authentication, Accounting and Authorisation, so the answer should be D: 1, 3 and 5.
UNITED KINGDOM