nerdexam
(ISC)2


CERTIFIED-IN-CYBERSECURITY Question #69: Real Exam Question with Answer & Explanation

The correct answer is D: The identification, evaluation and prioritization of risks.

Security Principles

Question

Risk Management is:

Options

  • A. The assessment of the potential impact of a threat
  • B. The impact and likelihood of a threat
  • C. The creation of an incident response team
  • D. The identification, evaluation and prioritization of risks

Explanation

Risk Management is the process of identifying, assessing and mitigating risks (ISC2 Study Guide, chapter 1, module 2). "Impact and likelihood of a threat" is a definition of risk. "Creating an incident response team" and "assessing the potential impact of a threat" can be considered Risk Management actions, but are not in themselves Risk Management.

Topics

#Risk Management #Cybersecurity Fundamentals #Risk Assessment
