CISSP PRACTICE QUESTIONS – 20200306

Effective CISSP Questions

Because of being subject to the risk of data integrity and availability, some global cloud service providers give up building data centers in regions where power supply is unstable. Which of the following risk treatment options or risk response strategies best describes the decision?
A. Risk elimination
B. Risk rejection
C. Risk aversion
D. Risk avoidance


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Risk avoidance.

Risk avoidance is commonly accepted as one of the general or standard risk treatment options or risk response strategies. It means giving up some activities or conditions that give rise to risk.

Risk elimination and risk rejection are rare and not standard terminologies used across risk management frameworks. However, they may be mentioned in some books or conversations.

  • Risk elimination may refer to mitigate or reduce risk (exposure) to none or zero. It conflicts the generally accepted concept that risk is typically managed to an acceptable level, and it’s not possible to altogether remove or eliminate risk.
  • Risk rejection may refer to a situation that risk may exist, but people refuse to admit its existence. The COVID 19 virus is a good example that the Chinese government refused to admit it is a human-to-human transmission virus and will go epidemic. Ignorance or cover-up of the risk has lad to the severe consequences of a global pandemic.

Risk attitude has three forms: risk-aversion, risk-seeking, and risk-neutral. Risk attitude affects the risk appetite. It is not the risk treatment or risk response.

 

 

 

 

 

References


移動代碼是通過網絡傳輸並在遠程計算機上執行的代碼。 移動代碼開發人員幾乎無法控制其代碼將在其中執行的環境。 但是,移動代碼的特殊安全問題變得很重要。 以下哪項不被視為移動代碼?
A. Android or IOS Apps
B. Adobe Flash animations
C. Javascript code from the webserver
D. Java Applets as the browser plugin

2 thoughts on “CISSP PRACTICE QUESTIONS – 20200306

Leave a Reply