Complete CRISC IT Risk Assessment question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.

```
2023-11-15 14:23:45 [CRITICAL] Failed login attempt for user 'admin' from IP 10.0.0.5
2023-11-15 14:23:46 [CRITICAL] Failed login attempt for user 'admin' from IP 10.0.0.5
2023-11-15 14:23:47 [CRITICAL] Failed login attempt for user 'admin' from IP 10.0.0.5
... (repeated 100 times in 5 minutes)
2023-11-15 14:28:45 [INFO] Successful login for user 'admin' from IP 10.0.0.5
```
Refer to the exhibit.

```json
{
  "PolicyName": "S3PublicAccessBlock",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::customer-data/*"
    }
  ]
}
```

Refer to the exhibit.

```
Risk Register Extract:
Risk ID | Asset     | Vulnerability      | Threat   | Current Control   | Likelihood | Impact | Risk Level
R001    | WebApp    | SQLi in login      | Attacker | WAF               | 3          | 5      | 15
R002    | DB Server | Weak password      | Insider  | Password policy   | 2          | 4      | 8
R003    | Firewall  | Misconfigured rule | External | Change management | 4          | 3      | 12
```

Risk Rating Matrix: Likelihood (1-5) x Impact (1-5) = Risk Level (1-25). Thresholds: Low (1-6), Medium (7-12), High (13-25).
Refer to the exhibit.

```
Vulnerability Scan Report (excerpt):

Host: 10.10.50.100
Port: 443 (HTTPS)
Finding: SSL/TLS certificate uses SHA-1 signature algorithm (CVE-2015-7575)
Severity: Medium
Remediation: Replace certificate with SHA-256 or higher.

Host: 10.10.50.100
Port: 22 (SSH)
Finding: OpenSSH version 7.2 is vulnerable to CVE-2016-6515 (DoS)
Severity: Low
Remediation: Upgrade to OpenSSH 7.3 or later.
```
Match each concept to its description.
Measures availability risk
Measures access control risk
Measures vulnerability management risk
Measures security awareness risk
Match each concept to its description.
Asset value × exposure factor
Annual frequency of occurrence
SLE × ARO
Percentage of asset lost per incident
Refer to the exhibit.

Exhibit: CLI output from a vulnerability scanner:

```
Host: 10.10.10.10
Port: 443
Vulnerability: CVE-2024-1234
CVSS Score: 9.8
Exploit Available: Yes
Patch Available: No
```
Refer to the exhibit.

Exhibit: JSON snippet of a cloud security policy:

```json
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::example-bucket/*",
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "true"
        }
      }
    }
  ]
}
```

Refer to the exhibit.

Exhibit: Architecture diagram description: An e-commerce web application consists of a web server, application server, and database server in separate subnets. A WAF (Web Application Firewall) is placed in front of the web server. The web server communicates with the application server on port 8080, and the application server communicates with the database on port 3306.
Refer to the exhibit.

```
=== Vulnerability Scan Report (Excerpt) ===

Host: 10.0.1.25 (Critical Server)
Vulnerability: CVE-2023-1234 (Remote Code Execution)
Severity: Critical (CVSS 9.8)
Status: Unpatched

Host: 10.0.2.10 (Web Server)
Vulnerability: CVE-2023-5678 (SQL Injection)
Severity: High (CVSS 7.5)
Status: Patched

Host: 10.0.3.50 (File Server)
Vulnerability: CVE-2022-9876 (Privilege Escalation)
Severity: Medium (CVSS 5.0)
Status: Compensating Control in Place

=== End of Exhibit ===
```
Refer to the exhibit.

```json
{
  "PolicyName": "IAMRoleAccessControl",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::123456789012:role/AdminRole" },
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::confidential-bucket/*",
      "Condition": {
        "IpAddress": { "aws:SourceIp": "10.0.0.0/16" }
      }
    },
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::public-bucket/*"
    }
  ]
}
```

Refer to the exhibit.

```
=== Data Center Architecture Description ===
The data center has three layers: Core, Aggregation, and Access. The Core layer connects to the internet via redundant firewalls. The Aggregation layer hosts critical application servers in a DMZ. The Access layer connects to user workstations. There is no network segmentation between the DMZ and internal user networks.
=== End of Exhibit ===
```
Refer to the exhibit.

syslog output:

```
Jan 15 14:23:45 server01 sshd[1234]: Failed password for root from 10.0.0.5 port 22 ssh2
Jan 15 14:23:50 server01 sshd[1234]: Failed password for root from 10.0.0.5 port 22 ssh2
Jan 15 14:23:55 server01 sshd[1234]: Failed password for root from 10.0.0.5 port 22 ssh2
```
Refer to the exhibit.

JSON policy snippet:

```json
{
  "effect": "Allow",
  "principal": "*",
  "action": "s3:GetObject",
  "resource": "arn:aws:s3:::critical-data/*",
  "condition": {
    "IpAddress": {
      "aws:SourceIp": "10.0.0.0/8"
    }
  }
}
```

Refer to the exhibit.

Architecture description: The organization has a three-tier web application: web servers (public subnet), application servers (private subnet), and database servers (private subnet). The web servers communicate with application servers via HTTPS. Application servers query the database using SQL with embedded credentials. The database has direct internet access for remote administration via SSH, but access is restricted to a single IP address of the DBA's home office.