Reference no: EM132299545
1. What does it mean to say that a firm has dynamic capabilities?
That it is continually changing and adapting to the environment.
That it is able to maintain competitive advantage over time.
That it owns and utilizes and well-developed set of strategic resources.
That it has a set of activities that it performs exceptionally well.
2. A strategy of data at rest, data in motion, and data in use is the proper mantra for developing a plan for securing cloud based information systems.
True
False
3. The CBA for an information security countermeasure is calculated as:
a. Cost of countermeasure * interval of failure
b. ALE – Actual cost of countermeasure + Expense of implementation
c. ALE (post) – ALE (current) – Actual cost of countermeasure
d. None of the above
4. The primary difference between the minimization and the mitigation of risk management is
a. Risk minimization focuses on small risks, and risk mitigation focuses on larger risks.
b. Risk minimization means to focus on ways to minimize the potential for risk to actually occur and mitigation means to accept the inevitability of the manifestation of the risk and plan for the backup and recovery of the risk.
c. Minimization means to scale back the amount of information that could be at risk, while mitigation means to reduce risk through the application of encryption to avoid the compromise of information.
d. All of the above.
e. None of the above
5. Why is learning as much as possible about a competitor’s culture is important?
It allows for reaching an understanding of the competitor’s financial results.
It allows for detecting patterns in a competitor’s behavior.
It allows for identifying your firm’s weakness, strengths, and capabilities.
It allows for gaining a skin-deep review of the competition.
6. In terms of the “deception and foreknowledge” principle, foreknowledge is about projecting the future based on the past or, in other words, it is about simple trend analysis.
True
False