CRISC—Certified in Risk and Information Systems Control Certification Questions and answer - Part 21

Mary Smith

Wed, 18 Jun 2025

1. You are the project manager of the GHT project. You and your team have developed risk responses for those risks with the highest threat to or best opportunity for the project objectives. What are the immediate steps you should follow after the Plan Risk Responses process? Each correct answer represents a complete solution. Choose three. (Select 3 answers)

A) Updating Project management plan and Project document
B) Applying controls
C) Updating Risk register
D) Prepare Risk-related contracts



2. Which of the following assets are examples of intangible assets of an enterprise? Each correct answer represents a complete solution. Choose two. (Select 2 answers)

A) Customer trust
B) Information
C) People
D) Infrastructure



3. You are the project manager of the GHY project for your company. This project has a budget of $543,000 and is expected to last 18 months. In this project, you have identified several risk events and created risk response plans. In what project management process group will you implement risk response plans?

A) Monitoring and Controlling
B) In any process group where the risk event resides
C) Planning
D) Executing



4. During which of the following processes is the probability and impact matrix prepared?

A) Risk response
B) Monitoring and Control Risk
C) Quantitative risk assessment
D) Qualitative risk assessment



5. You are the project manager of the GRT project. You discovered that bringing on more qualified resources, or providing even better quality than originally planned, could reduce the amount of time required to complete the project. If your organization seizes this opportunity, it would be an example of what risk response?

A) Enhance
B) Exploit
C) Accept
D) Share



1. Right Answer: A,C,D
Explanation: The risk register is updated at the end of the Plan Risk Responses process with the information that was discovered during the process. The response plans are recorded in the risk register.

The project management plan, consisting of the WBS, schedule baseline and cost performance baseline, should be updated. After the Plan Risk Responses process, project documents such as technical documentation and the assumptions documented in the project scope statement may also need updating.

If risk response strategies include responses such as transference or sharing, it may be necessary to purchase services or items from third parties. Contracts for those services can be prepared and discussed with the appropriate parties.

Incorrect Answers:
B: Controls are implemented in the latter stage of the risk response process. Applying them is not an immediate task after planning risk responses, as several documents are updated first.

The purpose of the Plan Risk Responses process is to develop risk responses for those risks with the highest threat to or best opportunity for the project objectives. The Plan Risk Responses process has four outputs: risk register updates, risk-related contract decisions, project management plan updates, and project document updates.

2. Right Answer: A,B
Explanation: Assets are the economic resources owned by a business or company. Anything tangible or intangible that one possesses, usually considered as applicable to the payment of one's debts, is considered an asset. An asset can also be defined as a resource, process, product, computing infrastructure, and so forth that an organization has determined must be protected.

Tangible asset: Tangible assets are those that have physical attributes and can be detected with the senses, e.g., people, infrastructure, and finances.

Intangible asset: Intangible assets are those that have no physical attributes and cannot be detected with the senses, e.g., information, reputation and customer trust.

3. Right Answer: A
Explanation: The monitor and control project risk process resides in the monitoring and controlling project management process group. This process is responsible for implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness through the project.

Incorrect Answers:
B: Risk response plans are implemented as part of the monitoring and controlling process group.
C: Risk response plans are not implemented as part of project planning.
D: Risk response plans are not implemented as part of project execution.

4. Right Answer: D
Explanation: The probability and impact matrix is a technique for prioritizing the project's identified risks by their risk rating, and it is prepared while performing qualitative risk analysis. Evaluation of each risk's importance and, hence, priority for attention, is typically conducted using a look-up table or a probability and impact matrix. This matrix specifies combinations of probability and impact that lead to rating the risks as low, moderate, or high priority.

Incorrect Answers:
A, B: These processes are part of Risk Management. The probability and impact matrix is prepared during the qualitative risk analysis for further quantitative analysis and response based on their risk rating.
C: SLE, ARO and ALE are used in quantitative risk assessment.

5. Right Answer: B
Explanation: Exploit response is one of the strategies to negate risks or threats that appear in a project. This strategy may be selected for risks with positive impacts where the organization wishes to ensure that the opportunity is realized. Exploiting a risk event provides opportunities for positive impact on a project. Assigning more talented resources to the project to reduce the time to completion is an example of exploit response.

Incorrect Answers:
A: The enhance strategy closely watches the probability or impact of the risk event to assure that the organization realizes the benefits. The primary point of this strategy is to attempt to increase the probability and/or impact of positive
C: Risk acceptance means that no action is taken relative to a particular risk; loss is accepted if it occurs.
D: The share strategy is similar to transfer because a portion of the risk is shared with an external organization or another internal entity.
