CAS-003 Question #488: Real Exam Question with Answer & Explanation
The correct answer is D: Number of accounts accessing the system per day.
Question
Options
- A. Average minutes of downtime per quarter
- B. Percent of patches applied in the past 30 days
- C. Count of login failures per week
- D. Number of accounts accessing the system per day
Explanation
A Key Risk Indicator (KRI) must measure the risk most relevant to the asset's value and threat profile. The system holds non-public intellectual property in archived contracts that are no longer actively used, meaning legitimate access should be rare and limited to a small, known set of users. The primary risk is unauthorized access leading to data theft or leakage. Tracking the number of accounts accessing the system per day (D) directly measures this risk: any unexpected spike, or access by an unrecognized account, signals a potential breach. Average downtime (A) is irrelevant because the contracts are inactive and high availability is not a business requirement. Patch compliance (B) is a general hygiene metric, not specific to the data-theft risk of this archive. Login failures per week (C) captures failed attempts but misses the more dangerous scenario of successful unauthorized access, which is exactly what this KRI must detect.