nerdexam
EC-Council

312-50V11 · Question #570

Which of the following is a component of a risk assessment?

The correct answer is B. Administrative safeguards. A risk assessment evaluates threats, vulnerabilities, and controls across an organization. Administrative safeguards are formal policies and procedures that are a core component of a risk assessment framework.

Information Security and Ethical Hacking Fundamentals

Question

Which of the following is a component of a risk assessment?

Options

  • APhysical security
  • BAdministrative safeguards
  • CDMZ
  • DLogical interface

How the community answered

(52 responses)
  • A
    2% (1)
  • B
    92% (48)
  • C
    2% (1)
  • D
    4% (2)

Why each option

A risk assessment evaluates threats, vulnerabilities, and controls across an organization. Administrative safeguards are formal policies and procedures that are a core component of a risk assessment framework.

APhysical security

Physical security is a category of security controls, not a component of the risk assessment process itself.

BAdministrative safeguardsCorrect

Administrative safeguards are policies, procedures, and training measures that govern how an organization manages risk and protects sensitive information. They are explicitly recognized as a component of risk assessments under frameworks such as HIPAA and NIST, addressing management and operational controls used to reduce risk.

CDMZ

A DMZ is a network architecture element used to segment trusted and untrusted zones, not a component of a risk assessment.

DLogical interface

A logical interface is a network or system configuration concept, not a recognized element of a risk assessment methodology.

Concept tested: Risk assessment components and administrative safeguards

Source: https://csrc.nist.gov/publications/detail/sp/800-30/rev-1/final

Topics

#risk assessment#administrative safeguards#security management#risk components

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice