Information Technologies Deneme Sınavı Sorusu #585290

"A web site informs its users about the risk of losing some of their confidential data." Considering the possible actions of risk management, given action may be an example of which of the following?


Eliminating the risk

Transferring the risk

Accepting the risk

Rejecting the risk

Mitigating the risk


Yanıt Açıklaması:

Possible actions in risk management is eliminating or mitigating risk, assigning risk to a third party or transferring risk and accepting risk.  Suppose that the risk management has same set of actions for a computer based system that is connected to the Internet. There are numerous vulnerabilities in such a system so that malicious intruders can harm the system. Thus, the risk in this system is very high especially if the data is sensitive. To eliminate the risk, employing strong security primitives, e.g., installing an antivirus program, enabling a firewall and using trusted hardware and software will help to mitigate the risk. Again, transferring this risk to a third party is possible. Security can be guaranteed by a secure network service provider. For some situations, the system has to accept the risk since some websites provides minimal security that might lead a potential data loss or harm. Correct answer is C.

Yorumlar
  • 0 Yorum