312-50V13 · Question #75
Which of the following is a component of a risk assessment?
The correct answer is A. Administrative safeguards. A risk assessment evaluates potential threats and vulnerabilities to an organization's assets and identifies controls to mitigate those risks, where administrative safeguards are a key category of such controls.
Question
Options
- AAdministrative safeguards
- BPhysical security
- CDMZ
- DLogical interface
How the community answered
(48 responses)- A90% (43)
- B4% (2)
- C4% (2)
- D2% (1)
Why each option
A risk assessment evaluates potential threats and vulnerabilities to an organization's assets and identifies controls to mitigate those risks, where administrative safeguards are a key category of such controls.
Administrative safeguards, which include policies, procedures, and personnel training, are a critical component of a comprehensive risk assessment, as they define how an organization manages and protects its information assets and are evaluated for their effectiveness in mitigating identified risks.
Physical security is a type of control, but 'administrative safeguards' is a broader category often evaluated as part of a risk assessment, encompassing policies and procedures for security management.
A DMZ (demilitarized zone) is a network architecture design for security, not a component of the risk assessment process itself.
A logical interface refers to a software-defined network connection and is not a direct component of a risk assessment methodology.
Concept tested: Risk assessment components and types of safeguards
Source: https://csrc.nist.gov/glossary/term/administrative_safeguards
Topics
Community Discussion
No community discussion yet for this question.