nerdexam
(ISC)2

CISSP · Question #1518

Drag and Drop Question Drag the following Security Engineering terms on the left to the BEST definition on the right. Answer:

The correct mappings are: 'Protection Needs' matches definition_1 because protection needs analysis is specifically the method used to identify CIA (confidentiality, integrity, availability) requirements for assets and characterize adverse impacts if those assets are compromised.

Submitted by rania.sa· Mar 5, 2026Security Engineering / Risk Management Framework - understanding foundational security engineering terminology including risk characterization, protection needs determination, threat assessment, and risk treatment strategies as defined in standards such as NIST SP 800-160 and ISO/IEC 27005.

Question

Drag and Drop Question Drag the following Security Engineering terms on the left to the BEST definition on the right. Answer:

Exhibit

CISSP question #1518 exhibit

Explanation

The correct mappings are: 'Protection Needs' matches definition_1 because protection needs analysis is specifically the method used to identify CIA (confidentiality, integrity, availability) requirements for assets and characterize adverse impacts if those assets are compromised. 'Risk' matches definition_2 because risk is classically defined as a measure of the extent to which an entity is threatened by a potential circumstance or event, combining likelihood and impact. 'Security Risk Treatment' refers to the process of selecting and implementing controls to modify risk (avoid, transfer, mitigate, accept), and 'Threat Assessment' is the process of identifying and evaluating threats based on their likelihood and potential impact - neither of which aligns with the provided definitions.

Topics

#Security Engineering#Risk Management#Threat Assessment#Protection Needs Analysis

Community Discussion

No community discussion yet for this question.

Full CISSP Practice