Maturing Risk Management Coursera Quiz Answers 2022 [💯Correct Answer]

Hello Peers, today we are going to share every week’s assessment and quiz answers for the Maturing Risk Management course launched by Coursera, totally free of cost✅✅✅. This is a certification course for every interested student.

If you can’t find this course for free, you can apply for financial aid to get it at no cost.

Check out this article “How to Apply for Financial Ads?”

About The Coursera

Coursera, India’s biggest learning platform, launched millions of free courses for students daily. These courses come from various recognized universities, where industry experts and professors teach clearly and in an understandable way.


Here, you will find Maturing Risk Management Exam Answers in Bold Color below.

These answers were updated recently and are 100% correct✅ answers for all weeks, assessments, and the final exam of Maturing Risk Management from the Coursera Free Certification Course.

Use “Ctrl+F” to find any question’s answer. Mobile users just need to tap the three dots in the browser to get a “Find” option. Use this option to find the answer to any question.

About Maturing Risk Management Course

In management science, maturing a process or practice means taking steps over time to make it more reliable, repeatable, and efficient. In practice, this means getting better every day, producing measurements that demonstrate the improvement, and pointing out other ways to get better.

Course Apply Link – Maturing Risk Management

Maturing Risk Management Quiz Answers

Week 01: Maturing Risk Management Coursera Quiz Answers

Knowledge Check: Change Management

Q1. What role does the release manager provide? (D1, L8.1)  

  • Tests changes
  • Maintains the configuration management database (CMDB)
  • Audits changes
  • Schedules deployment  

Q2. What role(s) should the security team have in the change management or controls process? Select all that apply.  (D1, L8.1)  

  • Analyze proposed changes for security issues 
  • Review changes for impacts to compliance requirements  
  • Assess proposed changes for impacts to existing security policies or procedures
  • Act in advisory capacity when the configuration control board asks for assistance
  • Perform test case analysis to verify regression testing validates that security is intact
  • Assist users in altering task-specific security procedures based on proposed changes
  • Provide summary analysis of configuration control audits

Applied Scenario 1 Review: Physical Security Site Survey

Q1. You have been asked to join a team to investigate the site and perform a site survey to assess the suitability of the proposed location. What about these features could be a positive? Which could introduce a potential security risk?    Directions: For each item, indicate whether these features are a positive or negative for IMI’s proposed new location. (D1, L8.2)   

The site is large and reasonably separated from the town. 

  • Positive
  • Negative

Q2. There is a small body of water near the location.  

  • Positive 
  • Negative  

Q3. There is a residential area close by and employee parking is available.   

  • Positive   
  • Negative  

Q4. The road runs very close to the front of the site.

  • Positive
  • Negative   

Q5. There are many trees and shrubs around the site. 

  • Positive  
  • Negative 

Knowledge Check: Physical Security Considerations

Q.1 What is the primary goal of physical security? (D1, L8.2)

  • To delay
  • To deter
  • To protect
  • To respond

Q.2 Which of the following are common electrical problems? (D1, L8.2)

  • Blackout
  • Spike
  • Surge
  • All of these

Week 02: Maturing Risk Management Coursera Quiz Answers

Knowledge Check: The Human Element

Directions: Answer the true/false question regarding the data and the human element. Based on the information presented, the human element is the greatest security risk to an organization. (D1, L8.3)  

  • True
  • False

Activity 1: Design an Awareness Strategy

One of the reasons the human element presents such a large security risk is a lack of training. Training comes in several categories, but here we will consider perhaps the most encompassing — security awareness.  

Scenario: You are working as a security professional at a mid-level company. Employees are predominantly remote and there are several regional offices/branches. The corporate culture is team-oriented and stable. Employees are goal driven and eager to support the mission and vision of the organization, but change is adopted slowly and often seen as additional work to staff rather than a benefit.  

Q.1 Directions: For this activity, read the scenario presented and work in your group to design an effective security awareness training program. (D1, L8.3)  
How frequently should security awareness training be provided?  

  • Daily 
  • Weekly  
  • Monthly 
  • Yearly   


Q.2 You want to provide messaging around the impact of a ransomware attack. Which would be the most impactful?

  • Make a compliance-driven message that stresses the possible penalties.  
  • Make the message relevant to the individual on a personal level and stress how this would impact the organization. 
  • Make the message general enough that it would never need to be updated.  
  • All of these.

Q.3 Which of the following would be a way to assess the effectiveness of the security awareness training?

  • Gamification   
  • Mini quizzes 
  • Surveys/Spot checks
  • All of these

Q.4 Which of these is not a social engineering attack? (D1, L8.3)

  • Baiting
  • Tailgating
  • Sharking
  • Whaling  

Q.5 Which of the following best describes microtraining? (D1, L8.3)

  • One-on-one, hands-on, skills- and proficiency-focused
  • Group activities geared toward gaining greater awareness of fine details of security practices
  • Very short-duration, task-focused tactics, which challenge users to recognize and correctly deal with suspicious events, providing immediate feedback to users
  • Pejorative term referring to how most training programs somewhat fail to modify users’ security behavior

Knowledge Check: Conducting Vulnerability Assessments

Q.1 Directions: Check for understanding by answering the following true/false questions regarding vulnerability assessments. (D3, L8.4)  True or False? Vulnerability assessments are considered an active task.   

  • True
  • False

Q.2 True or False? A key part of the vulnerability assessment is the gathering of data needed to perform the assessment.   

  • True
  • False

Q.3 True or False? The results of the vulnerability assessment are documented in a report submitted to management for action. 

  • True
  • False

Knowledge Check: Host Security 

Q.1 What problem may arise when using vulnerability analysis tools? (D3, L8.4)  

  • Scan data can be exported in a variety of formats.
  • An incorrectly designed test may not yield any results.
  • Scans include known vulnerabilities for software but not applications.
  • There are no problems with using vulnerability analysis tools.  

Q.2 Which of the following is a benefit of vulnerability testing? (D3, L8.4) 

  • It identifies system vulnerabilities.
  • It allows for the prioritization of mitigation tasks based on system criticality and risk. 
  • It is considered a useful tool for comparing security posture over time, especially when done consistently each period. 
  • All of these.

Q.3 What are the two broad categories of vulnerability testing software? (D3, L8.4) 

  • General and application-specific
  • Application-specific and software-specific 
  • General and non-general  
  • None of these 

Knowledge Check: Perform Security Assessment Activities

Q.1 Which type of penetration test is carried out to mimic the actions of a user?  (D3, L8.4)    

  • External   
  • Zero knowledge
  • Gray box
  • Internal 

Q.2 Which of the following is not a potential problem associated with testing?  (D3, L8.4)  

  • Conflict of interest
  • System crash
  • Information disclosure
  • Temporal information

Week 03: Maturing Risk Management Coursera Quiz Answers

Chapter 8 Quiz: Maturing Risk Management

This quiz will help you to confirm your understanding and retention of concepts for this chapter. Please complete it by answering all questions, reviewing correct answers and feedback, and revisiting any chapter material you feel you need extra time with.

Instructions

  1. This Assessment contains 10 objective item questions.
  2. Recommended time limit is 20 minutes, 2 minutes per question.
  3. Choose the best answer(s) for each question.
  4. You have unlimited attempts and may complete this assessment as many times as you would like.
  5. Passing grade for this quiz is 70%.
  6. Score of highest attempt will be calculated.

Your score and quiz report

  1. Each question carries 1 point.
  2. For each question, a 1/1 point indicates correct answer and 0/1 point indicates incorrect answer which you see upon quiz submission.
  3. Upon completion, you will be able to see your total number of attempts along with the score for each attempt.
  4. Your overall grade reflects the score of your highest attempt.
  5. Click on each attempt to view the completed quiz.

Q.1 Which data backup strategy allows data backup to an off site location via a WAN or internet connection? (D4, L8.4)

  • Remote journaling
  • Electronic vaulting
  • Clustering

Q.2 Which of the following statements is most correct about incident response? (D4, L8.5)

  • The goal is to prevent incidents from happening again.
  • Incident response does not involve problem management.
  • Incident response does not require a policy.
  • The goal is to minimize damage and learn to be better prepared.

Q.3 What is the recovery point objective (RPO)? (D4, L8.5)

  • The maximum outage time
  • The maximum outage time for critical services
  • The maximum amount of data loss
  • The minimum amount of data loss

Q.4 Which of the following statements is true? (D4, L8.5)

  • BCP and DR are the same
  • BCP is a part of DR
  • DR is a part of BCP
  • BCP and DR are mutually exclusive

Q.5 Which of the following is true? (D4, L8.5)

  • MTD is the same as MTPD
  • RPO is less than the MTD
  • RPO deals with data
  • All of these

Q.6 What is the last step in the change control process? (D1, L8.1)

  • Implementation
  • Authorization
  • Notification

Q.7 A security audit is best defined as what?  (D3, L8.4)

  • A covert series of tests designed to test network authentication, hosts and perimeter security
  • A technical assessment that measures how well an organization uses security policies and controls to protect its information assets
  • Employing an intrusion detection system (IDS) to monitor anomalous traffic on a network segment and logging attempted break-ins
  • Hardening systems before deploying them on the corporate network

Q.8 What is the primary purpose of testing an intrusion detection system?  (D3, L8.4)

  • To observe that the IDS is observing and logging an appropriate response to a suspicious activity
  • To determine if the IDS is capable of discarding suspect packets
  • To analyze processor utilization to verify whether hardware upgrades are necessary
  • To test whether the IDS can log every possible event on the network

Q.9 Which of the following documents the steps that should be performed to restore IT functions after a business disruption event?  (D4, L8.5)

  • Critical business functions
  • Business continuity plan (BCP)
  • Disaster recovery plan (DRP)
  • Crisis communications plan

Q.10 In general, personnel safety assurance includes all of the following except which one? (D1, L8.2)

  • Evacuation planning and facilities use planning
  • Configuration management planning
  • Alarms, notifications and processes for their use
  • Education, training and awareness programs

More About This Course

Course 8: Maturing Risk Management

As we saw in chapters 1 and 2, risk management for organizations with a lot of information works best when evidence-based reasoning is used to find problems, describe them, and take the steps needed to solve them.

Course 8 will bring together a lot of different things that all have to do with managing the risks that come with information systems.

Also, we know that all organizations face the risk of cyber attacks. In this class, we’ll focus on putting these ideas together in the context of modeling, measuring, and monitoring continuous maturity. Risk alignment works best at the level of planning that is most focused on the long term.

On the other hand, risk maturation works best when it is part of normal business operations. This is sometimes called “operationalizing” one’s approach to risk management and growth. In order to make risk management work in the real world, we need to connect the life cycle models for systems, software, and data to the way business is done. We’ll look at security from the point of view of the workers who use the business logic and systems or the people who are in charge of the robots and IoT on the factory or warehouse floor. We’ll see what each of the different security disciplines can do for them. There are five parts to this course.

The 1st module is all about change management. It shows how this detailed, administratively intensive process is one of the most important ways to keep information systems safe. We’ll also look at how important it is for responding to incidents and fixing them.

Module 2 shows how physical security design principles are used to track and control the flow of physical objects into and out of different security zones. This module also looks at how planning and preparing for safety affect people, property, and the availability and reliability of systems and information.

Module 3 shows a different way to think about giving people in an organization the power and tools they need to become better contributors to and supporters of its information security. People haven’t been able to do their jobs safely and securely with the help of security training programs. Micro-chaining is a new idea that shows how security education and awareness can help make the security process better.

Module 4 shows us that assessing the security of a system should be done all the time. Security has always required honesty and staying alert all the time. Audits, both formal and informal, show how well an organization’s security controls work. As the controls continue to age, they keep getting better at what they do.

Through business continuity and disaster recovery planning, module five brings together a lot of these ideas and concepts. The focus will be on operational support for these tasks, both when they are being planned and when they are being done. We’ve set up the basics so that you can put the ideas you’ve learned so far into a daily operational context.

Goals for learning in Course 8

When a person finishes this course, he or she will be able to:

L8.1: Name the operational parts of managing change.
L8.2: Give a brief summary of physical security issues.
L8.3: Create a plan for security education and awareness.
L8.4: Recognize common things that are done to check security.
L8.5: Sort the parts of a business continuity plan and a disaster recovery plan into different groups.

Course Agenda

Module 1: Take part in change management (Domain 1: Security Operations and Administration).
Module 2: Things to think about for physical security (Domain 1: Security Operations and Administration)
Module 3: Work together on security awareness and training (Domain 1: Security Operations and Administration).
Module 4: Do security assessment tasks (Domain 3: Identifying, tracking, and analyzing risks).
Module 5: Understand and support the Business Continuity Plan (BCP) and the Disaster Recovery Plan (DRP) (Domain 4: Incident Response and Recovery)

Beginners should take this course.

Experience Required: No prior experience is required

Conclusion

Hopefully, this article will help you find all the weekly, final assessment, and Peer Graded Assessment answers for the Maturing Risk Management Quiz of Coursera and grab some premium knowledge with less effort. If this article really helped you in any way, then make sure to share it with your friends on social media and let them know about this amazing training too. You can also check out our other course answers. So stay with us: we will share a lot more free courses and their exam/quiz solutions. Follow our Techno-RJ Blog for more updates.
