CERTIFIED-IN-CYBERSECURITY Question #121: Real Exam Question with Answer & Explanation
The correct answer is D: Determining the likelihood of occurrence of a set of risks.
Question
When analyzing risks, which of these activities is required?
Options
- A. Selecting the appropriate controls
- B. Identifying risks associated with loss of confidentiality
- C. Accepting all evaluated risks
- D. Determining the likelihood of occurrence of a set of risks
Explanation
Determining the likelihood of occurrence of a set of risks involves estimating the likelihood that the identified risks will occur, along with the potential impact they could have on the organization. Once the likelihood of occurrence has been determined, the next step is to select the appropriate controls to mitigate those risks, such as encryption, access controls, or administrative controls (like policies and procedures). Identifying the risks associated with loss of confidentiality (such as unauthorized access or disclosure of sensitive data) is important but insufficient on its own, as many other risks must also be considered. Finally, accepting all evaluated risks is typically not advisable, as some risks should be mitigated or eliminated. Only risks at a residual level acceptable to the organization should be accepted.