Which of the following refers to the cost associated with a single realized risk against a specific asset?

Test your knowledge of the CISSP exam’s Domain 1: Security and Risk Management -- one of the heaviest-weighted portions of the test -- with this practice quiz.

The following quiz is excerpted from the CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition, ©2015 John Wiley & Sons, All Rights Reserved.

For IT professionals whose background may be more focused on hardware and software, the world of cybersecurity, risk management and compliance can be new, and sometimes challenging, territory. As opposed to muscle-memory tasks like firewall configuration or patch deployment, the skills needed to navigate the shifting, strategic concepts of risk and compliance use a different part of your brain. But these areas are critical for building a security program in any organization, from small businesses to global enterprises.

The importance of these disciplines is not lost on (ISC)2, which administers the Certified Information Systems Security Professional (CISSP) exam. Domain 1 of the certification exam, Security and Risk Management, is one of the most heavily weighted sections of the test. It accounts for 16% of the final score -- the largest amount assigned to the exam’s eight domains. Only one other section of the test, Domain 7: Security Operations, shares the same weight.

At a high level, Domain 1 covers cybersecurity, risk management, compliance, law, regulations and business continuity. According to (ISC)2, more specific concepts tested in Domain 1 include:

  • confidentiality, integrity and availability
  • security governance principles
  • compliance
  • legal and regulatory issues
  • professional ethics
  • security policies, standards, procedures and guidelines

Planning to take the CISSP exam and obtain certification? Test your knowledge of Domain 1 with this practice quiz, comprising five multiple-choice questions and 10 true/false questions on key concepts, vocabulary and principles of cybersecurity, risk management, compliance and more.

CISSP® is a registered mark of (ISC)².

This was last published in July 2017

What Is Liquidity Risk?

Liquidity is the ability of a firm, company, or even an individual to pay its debts without suffering catastrophic losses. Conversely, liquidity risk stems from the lack of marketability of an investment that can't be bought or sold quickly enough to prevent or minimize a loss. It is typically reflected in unusually wide bid-ask spreads or large price movements.

Key Takeaways

  • Liquidity is the ability of a firm, company, or even an individual to pay its debts without suffering catastrophic losses.
  • Investors, managers, and creditors use liquidity measurement ratios when deciding the level of risk within an organization.
  • If an individual investor, business, or financial institution cannot meet its short-term debt obligations, it is experiencing liquidity risk.

Understanding Liquidity Risk

Common knowledge is that the smaller the size of the security or its issuer, the larger the liquidity risk. Drops in the value of stocks and other securities motivated many investors to sell their holdings at any price in the aftermath of the 9/11 attacks, as well as during the 2007 to 2008 global credit crisis. This rush to the exits caused widening bid-ask spreads and large price declines, which further contributed to market illiquidity.

Liquidity risk occurs when an individual investor, business, or financial institution cannot meet its short-term debt obligations. The investor or entity might be unable to convert an asset into cash without giving up capital and income due to a lack of buyers or an inefficient market.

Liquidity Risk in Financial Institutions

Financial institutions depend upon borrowed money to a considerable extent, so they're commonly scrutinized to determine whether they can meet their debt obligations without realizing great losses, which could be catastrophic. Institutions, therefore, face strict compliance requirements and stress tests to measure their financial stability.

The Federal Deposit Insurance Corporation (FDIC) released a proposal in April 2016 that created a net stable funding ratio. It was intended to help increase banks’ liquidity during periods of financial stress. The ratio indicates whether banks own enough high-quality assets that can be easily converted into cash within one year. Banks rely less on short-term funding, which tends to be more volatile.

During the 2008 financial crisis, many big banks failed or faced insolvency issues due to liquidity problems. The FDIC ratio is in line with the international Basel standard, created in 2015, and it reduces banks’ vulnerability in the event of another financial crisis.

Liquidity Risk in Companies

Investors, managers, and creditors use liquidity measurement ratios when deciding the level of risk within an organization. They often compare short-term liabilities and the liquid assets listed on a company’s financial statements.

If a business has too much liquidity risk, it must sell its assets, bring in additional revenue, or find another way to reduce the discrepancy between available cash and its debt obligations.

Real-World Example

A $500,000 home might have no buyer when the real estate market is down, but the home might sell above its listed price when the market improves. If the owners need cash quickly and must sell while the market is down, they might sell the home for less and lose money in the transaction.

Investors should consider whether they can convert their short-term debt obligations into cash before investing in long-term illiquid assets to hedge against liquidity risk.

Which of the following is the formula used to determine risk?

The risk equation is known to be Risk = Hazard × Vulnerability.

Which formula is used to determine risks associated with an event?

Risk is the combination of the probability of an event and its consequence. In general, this can be explained as: Risk = Likelihood × Impact.

What is residual risk in risk management?

Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made. Residual risk is important for several reasons. The first to consider is that residual risk is the risk "left over" after security controls and process improvements have been applied.

What is SLE and ARO?

Single loss expectancy (SLE), exposure factor (EF), annualized rate of occurrence (ARO) and annualized loss expectancy (ALE) are all key parts of figuring out the cost and benefit associated with risk. Learning how to handle and counter risk is important.