CERTIFIED-IN-CYBERSECURITY · Question #312
CERTIFIED-IN-CYBERSECURITY Question #312: Real Exam Question with Answer & Explanation
The correct answer is C: Identifying and evaluating potential risks based on their likelihood and impact. Identifying and evaluating potential risks based on their likelihood and impact is a key component of the risk assessment process (see ISC2 Study Guide, Module 2, under Risk Assessment). Risk assessment is a crucial step in the risk management process, as it allows organizations
Question
Which of the following is a key component of the risk assessment process?
Options
- AFocusing solely on risks with minimal impact
- BIgnoring potential threats and vulnerabilities
- CIdentifying and evaluating potential risks based on their likelihood and impact
- DAvoiding the use of risk assessment methodologies or frameworks
Explanation
Identifying and evaluating potential risks based on their likelihood and impact is a key component of the risk assessment process (see ISC2 Study Guide, Module 2, under Risk Assessment). Risk assessment is a crucial step in the risk management process, as it allows organizations to understand better the potential risks they face and prioritize their efforts to address the most significant threats and vulnerabilities. Indeed, ignoring potential threats and vulnerabilities, focusing solely on risks with minimal impact, and avoiding the use of risk assessment methodologies or frameworks are all incorrect options, as these approaches either ignore or overlook important risks an organization
Topics
Community Discussion
No community discussion yet for this question.