CRISC • Timed Practice Test 5
This is a timed practice session. You have 10 minutes to answer 10 questions — approximately 1 minute per question, matching real CRISC exam pace. Answer every question before time expires.
Exam-pace drill
Allow 1 minute per question. On the real CRISC exam you have approximately 72 seconds per question — this session trains you to maintain that pace under pressure.
Refer to the exhibit. An organization has identified vulnerabilities on a critical server. The risk owner has limited resources and can remediate only one finding this quarter. Based on the information provided, which approach is the most appropriate risk assessment decision?
Vulnerability Scan Report (excerpt):

Host: 10.10.50.100
Port: 443 (HTTPS)
Finding: SSL/TLS certificate uses SHA-1 signature algorithm (CVE-2015-7575)
Severity: Medium
Remediation: Replace certificate with SHA-256 or higher.

Host: 10.10.50.100
Port: 22 (SSH)
Finding: OpenSSH version 7.2 is vulnerable to CVE-2016-6515 (DoS)
Severity: Low
Remediation: Upgrade to OpenSSH 7.3 or later.