CISSP · Question #1518
Drag and Drop Question Drag the following Security Engineering terms on the left to the BEST definition on the right. Answer:
The correct mappings are: 'Protection Needs' matches definition_1 because protection needs analysis is specifically the method used to identify CIA (confidentiality, integrity, availability) requirements for assets and characterize adverse impacts if those assets are compromised.
Question
Exhibit
Explanation
The correct mappings are: 'Protection Needs' matches definition_1 because protection needs analysis is specifically the method used to identify CIA (confidentiality, integrity, availability) requirements for assets and characterize adverse impacts if those assets are compromised. 'Risk' matches definition_2 because risk is classically defined as a measure of the extent to which an entity is threatened by a potential circumstance or event, combining likelihood and impact. 'Security Risk Treatment' refers to the process of selecting and implementing controls to modify risk (avoid, transfer, mitigate, accept), and 'Threat Assessment' is the process of identifying and evaluating threats based on their likelihood and potential impact - neither of which aligns with the provided definitions.
Topics
Community Discussion
No community discussion yet for this question.
