You are preparing to complete the quantitative risk analysis process with your project team and several subject matter experts. You gather the necessary inputs including the project's cost management plan. Why is it necessary to include the project's cost management plan in the preparation for the quantitative risk analysis process?

A. The project's cost management plan can help you to determine what the total cost of the project is allowed to be.
B. The project's cost management plan provides direction on how costs may be changed due to identified risks.
C. The project's cost management plan provides control that may help determine the structure for quantitative analysis of the budget.
D. The project's cost management plan is not an input to the quantitative risk analysis process .

You are the project manager for your organization. You are working with your project team to complete the qualitative risk analysis process. The first tool and technique you are using requires that you assess the probability and what other characteristic of each identified risk in the project?

A. Risk owner
B. Risk category
C. Impact
D. Cost

Kelly is the project manager of the BHH project for her organization. She is completing the risk identification process for this portion of her project. Which one of the following is the only thing that the risk identification process will create for Kelly?

A. Project document updates
B. Risk register updates
C. Change requests
D. Risk register

Which of the following statements about System Access Control List (SACL) is true?

A. It contains a list of any events that are set to audit for that particular object.
B. It is a mechanism for reducing the need for globally unique IP addresses.
C. It contains a list of both users and groups and whatever permissions they have.
D. It exists for each and every permission entry assigned to any object.

Which of the following are the objectives of the security certification documentation task? Each correct answer represents a complete solution. Choose all that apply.

A. To prepare the Plan of Action and Milestones (POAM) based on the security assessment
B. To provide the certification findings and recommendations to the information system owner
C. To assemble the final security accreditation package and then submit it to the authorizing o fficial
D. To update the system security plan based on the results of the security assessment

Which of the following statements about the availability concept of Information security management is true?

A. It ensures that modifications are not made to data by unauthorized personnel or processes .
B. It ensures reliable and timely access to resources.
C. It determines actions and behaviors of a single individual within a system.
D. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.

Joan is a project management consultant and she has been hired by a firm to help them identify risk events within the project. Joan would first like to examine the project documents including the plans, assumptions lists, project files, and contracts. What key thing will help Joan to discover risks within the review of the project documents?

A. The project documents will help the project manager, or Joan, to identify what risk identification approach is best to pursue.
B. Plans that have loose definitions of terms and disconnected approaches will reveal risks.
C. Poorly written requirements will reveal inconsistencies in the project plans and documents.
D. Lack of consistency between the plans and the project requirements and assumptions can be the indicators of risk in the project.

Which of the following documents is described in the statement below? "It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."

A. Project charter
B. Risk management plan
C. Risk register
D. Quality management plan

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

A. Corrective action
B. Technical performance measurement
C. Risk audit
D. Earned value management

What project management plan is most likely to direct the quantitative risk analysis process for a project in a matrix environment?

A. Staffing management plan
B. Risk analysis plan
C. Human resource management plan
D. Risk management plan