You work as a project manager for BlueWell Inc. You with your team are using a method or a (technical) process that conceives the risks even if all theoretically possible safety measures would be applied. One of your team member wants to know that what is a residual risk. What will you reply to your team member?

A. It is a risk that remains because no risk response is taken.
B. It is a risk that remains after planned risk responses are taken.
C. It is a risk that can not be addressed by a risk response.
D. It is a risk that will remain no matter what type of risk response is offered.

In what portion of a project are risk and opportunities greatest and require intense planning and anticipation of risk events?

A. Planning
B. Executing
C. Closing
D. Initiating

Bill is the project manager of the JKH Project. He and the project team have identified a risk event in the project with a high probability of occurrence and the risk event has a high cost impact on the project. Bill discusses the risk event with Virginia, the primary project customer, and she decides that the requirements surrounding the risk event should be removed from the project. The removal of the requirements does affect the project scope, but it can release the project from the high risk exposure. What risk response has been enacted in this project?

A. Avoidance
B. Acceptance
C. Transference
D. Mitigation

You are the project manager of the NHQ project for your company. Management has told you that you must implement an agreed upon contingency response if the Cost Performance Index in your project is less than 0.90. Consider that your project has a budget at completion of $250,000 and is 60 percent complete. You are scheduled to be however, 75 percent complete, and you have spent $165,000 to date. What is the Cost Performance Index for this project to determine if the contingency response should happen?

A. 0.88
B. 0.80
C. -$37,500
D. 0.91

Which of the following RMF phases identifies key threats and vulnerabilities that could compromise the confidentiality, integrity, and availability of the institutional critical assets?

A. Phase 2
B. Phase 1
C. Phase 3
D. Phase 0

Which of the following is NOT an objective of the security program?

A. Security organization
B. Security plan
C. Security education
D. Information classification

Elizabeth is a project manager for her organization and she finds risk management to be very difficult for her to manage. She asks you, a lead project manager, at what stage in the project will risk management become easier. What answer best resolves the difficulty of risk management practices and the effort required?

A. Risk management only becomes easier the more often it is practiced.
B. Risk management is an iterative process and never becomes easier.
C. Risk management only becomes easier when the project moves into project execution.
D. Risk management only becomes easier when the project is closed.

Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.

A. Finding an economic balance between the impact of the risk and the cost of the counterme asure
B. Identifying the risk
C. Assessing the impact of potential threats
D. Identifying the accused

Security Test and Evaluation (ST&E) is a component of risk assessment. It is useful in discovering system vulnerabilities. For what purposes is ST&E used? Each correct answer represents a complete solution. Choose all that apply.

A. To implement the design of system architecture
B. To determine the adequacy of security mechanisms, assurances, and other properties to enforce the security policy
C. To assess the degree of consistency between the system documentation and its implement ation
D. To uncover design, implementation, and operational flaws that may allow the violation of security policy

Henry is the project manager of the QBG Project for his company. This project has a budget of $4,576,900 and is expected to last 18 months to complete. The CIO, a stakeholder in the project, has introduced a scope change request for additional deliverables as part of the project work. What component of the change control system would review the proposed changes' impact on the features and functions of the project's product?

A. Cost change control system
B. Scope change control system
C. Integrated change control
D. Configuration management system