CRISC Risk Response and Mitigation • Complete Question Bank
Complete CRISC Risk Response and Mitigation question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
Access List: ACL-01
10 deny ip host 10.1.1.10 any
20 permit tcp 10.1.1.0 0.0.0.255 any eq 443
30 permit udp 10.1.1.0 0.0.0.255 any eq 53
40 deny ip any any
```
Refer to the exhibit.
```
[Risk Register Excerpt]
Risk ID: R-0042
Risk Description: Unauthorized access to customer PII due to weak database encryption
Inherent Risk Score: 16 (Likelihood: 4, Impact: 4)
Control: AES-256 encryption at rest (implemented)
Residual Risk Score: 8 (Likelihood: 2, Impact: 4)
Risk Appetite Threshold: 10
```
Match each risk response concept to its description:
Eliminate the activity that causes the risk
Reduce the likelihood or impact of the risk
Shift the risk to a third party, e.g., insurance
Acknowledge the risk and take no further action
Match each risk concept to its description:
Risk level before controls are applied
Risk level after controls are applied
Amount of risk the organization is willing to accept
Acceptable deviation from risk appetite
Match each risk management process step to its description:
Find and list potential risks
Determine likelihood and impact
Compare risk levels to risk criteria
Select and implement controls
Refer to the exhibit. Exhibit: Results from a vulnerability scan
```
Vulnerability Scan Report - 2024-01-15
Target: 192.168.1.0/24
Host: 192.168.1.10
  Port 22/tcp: SSH protocol version 1.0 (critical)
  Port 80/tcp: Apache HTTP Server 2.2.3 (high)
  Port 443/tcp: OpenSSL 0.9.8 (high)
Host: 192.168.1.20
  Port 3389/tcp: RDP with weak encryption (medium)
  Port 445/tcp: SMB signing not required (medium)
```
Refer to the exhibit. Exhibit: Firewall rule configuration
```
access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 443
access-list 100 permit tcp 10.0.0.0 0.255.255.255 any eq 22
access-list 100 deny ip any any
```
Refer to the exhibit. Exhibit: Error log from a web application
```
2024-07-22 14:23:45 ERROR: org.hibernate.exception.ConstraintViolationException: could not execute statement
2024-07-22 14:23:45 ERROR: java.sql.SQLException: Duplicate entry 'admin' for key 'username'
2024-07-22 14:23:46 INFO: User 'admin' login successful
```
Refer to the exhibit. Firewall policy excerpt:
```
access-list 100 deny ip 203.0.113.0 0.0.0.255 any
deny ip 198.51.100.0 0.0.0.255 any
permit ip any any
```
Refer to the exhibit. SIEM alert log:
```
Time: 2025-03-20 14:23:45
Source IP: 10.0.1.50
Destination: server1.company.local (192.168.1.10)
Event: Multiple failed logins (15 attempts in 30 seconds)
Current state: No account lockout policy enabled.
```
Refer to the exhibit.
AWS S3 bucket policy:
```
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::example-bucket/*"
    }
  ]
}
```

Refer to the exhibit. Risk register summary:

| Risk ID | Inherent Risk | Controls | Residual Risk | Response |
|---|---|---|---|---|
| Risk-001 | High | Firewall, IDS | Medium | Transfer |
| Risk-002 | Medium | Encryption | Low | Accept |
| Risk-003 | Critical | None | Critical | Mitigate |
Refer to the exhibit. Vulnerability finding:
```
Vulnerability ID: VULN-001
Severity: Critical
CVSS: 9.8
Port: 443
Service: HTTPS
Status: Open
Policy: All vulnerabilities with CVSS >= 9.0 must be remediated within 7 days.
```
Refer to the exhibit. Risk Register Excerpt:
```
Asset: Customer Database
Inherent Risk (Likelihood: High, Impact: High) => High
Control Set: Access controls (effective), Encryption (effective), Intrusion Detection (moderate)
Current Residual Risk: Medium
```
Mitigation Options:
A. Implement additional monitoring (cost: $50k, reduces residual to Low)
B. Accept the residual risk (cost: $0)
C. Transfer via cyber insurance (premium: $30k)
D. Avoid by discontinuing database operations (cost: $2M)
What is the most appropriate risk response given that the current residual risk is Medium and the organization's risk appetite is Low?
A multinational corporation has recently experienced a significant increase in phishing attacks targeting its employees. The attacks have caused several data breaches, resulting in regulatory fines and reputational damage. The organization has implemented security awareness training for all employees, but the number of successful attacks remains high. Additionally, the organization's risk appetite for cybersecurity incidents is Low. The CRO has asked you to recommend a risk response. You have the following options:
A. Accept the risk because the training has reduced the likelihood, and further controls are too expensive.
B. Transfer the risk by outsourcing all email and security operations to a managed security service provider (MSSP).
C. Implement technical controls such as advanced email filtering and multi-factor authentication (MFA) to reduce the likelihood and impact of phishing attacks.
D. Avoid the risk by discontinuing the use of email for business communications.
Which course of action is most appropriate given the organization's risk appetite and the current situation?