FreeCram
  1. Home
  2. PECB
  3. PECB Certified ISO/IEC 27005 Risk Manager
  4. PECB.ISO-IEC-27005-Risk-Manager.v2025-04-24.q27
  5. Question 11
<< Prev Question Next Question >>

Question 11/27

Scenario 1
The risk assessment process was led by Henry, Bontton's risk manager. The first step that Henry took was identifying the company's assets. Afterward, Henry created various potential incident scenarios. One of the main concerns regarding the use of the application was the possibility of being targeted by cyber attackers, as a great number of organizations were experiencing cyberattacks during that time. After analyzing the identified risks, Henry evaluated them and concluded that new controls must be implemented if the company wants to use the application. Among others, he stated that training should be provided to personnel regarding the use of the application and that awareness sessions should be conducted regarding the importance of protecting customers' personal data.
Lastly, Henry communicated the risk assessment results to the top management. They decided that the application will be used only after treating the identified risks.
According to scenario 1, what type of controls did Henry suggest?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (27q)
Question 1: After creating a plan for outsourcing to a cloud service pro...
Question 2: Based on NIST Risk Management Framework, what is the last st...
Question 3: Scenario 6: Productscape is a market research company headqu...
Question 4: Scenario 5: Detika is a private cardiology clinic in Pennsyl...
Question 5: An organization has installed security cameras and alarm sys...
Question 6: Scenario 3: Printary is an American company that offers digi...
Question 7: Scenario 4: In 2017, seeing that millions of people turned t...
Question 8: Scenario 2: Travivve is a travel agency that operates in mor...
Question 9: Scenario 8: Biotide is a pharmaceutical company that produce...
Question 10: Scenario 7: Adstry is a business growth agency that speciali...
Question 11: Scenario 1 The risk assessment process was led by Henry, Bon...
Question 12: Scenario 2: Travivve is a travel agency that operates in mor...
Question 13: Scenario 8: Biotide is a pharmaceutical company that produce...
Question 14: Scenario 1 The risk assessment process was led by Henry, Bon...
Question 15: What are opportunities?
Question 16: Scenario 6: Productscape is a market research company headqu...
Question 17: Scenario 4: In 2017, seeing that millions of people turned t...
Question 18: According to ISO 31000, which of the following is a principl...
Question 19: Scenario 3: Printary is an American company that offers digi...
Question 20: Scenario 2: Travivve is a travel agency that operates in mor...
Question 21: Based on the EBIOS RM method, which of the following is one ...
Question 22: Which activity below is NOT included in the information secu...
Question 23: Which of the following statements best defines information s...
Question 24: Scenario 3: Printary is an American company that offers digi...
Question 25: Scenario 4: In 2017, seeing that millions of people turned t...
Question 26: An organization decided to use nonnumerical categories, i.e....
Question 27: Scenario 8: Biotide is a pharmaceutical company that produce...