(ISC)2(ISC)2
CGRC · Question #1
CGRC Question #1: Real Exam Question with Answer & Explanation
The correct answer is A: Threat Event. A threat event is a specific occurrence or situation that has the potential to cause undesirable consequences or impact to an organization or its assets.
Security and Privacy Governance, Risk Management, and Compliance Program
Question
An event or situation that has the potential for causing undesirable consequences or impact. Response:
Options
- AThreat Event
- BThreat Assessment
- CThreat Source
- DThreat Scenario
Explanation
A threat event is a specific occurrence or situation that has the potential to cause undesirable consequences or impact to an organization or its assets.
Common mistakes.
- B. A threat assessment is the systematic process of identifying and evaluating potential threats, not the specific event itself.
- C. A threat source is the entity or agent (e.g., hacker, natural disaster) that initiates or exploits a vulnerability, not the event that materializes the threat.
- D. A threat scenario is a hypothetical description of how a threat event could occur and its potential impact, rather than the actual event.
Concept tested. Information security threat event definition
Topics
#Threat Event#Risk Management#Security Definitions
Community Discussion
No community discussion yet for this question.