CSSLP Question #117: Real Exam Question with Answer & Explanation

The correct answer is B: Evaluate potential threats to the assets.. The initial steps in a risk analysis process involve identifying and valuing assets, evaluating potential threats, estimating potential losses, and establishing the likelihood of those threats occurring.

Secure Software Concepts

Question

Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

Options

AValuations of the critical assets in hard costs.
BEvaluate potential threats to the assets.
CEstimate the potential losses to assets by determining their value.
DEstablish the threats likelihood and regularity.

Explanation

The initial steps in a risk analysis process involve identifying and valuing assets, evaluating potential threats, estimating potential losses, and establishing the likelihood of those threats occurring.

Common mistakes.

A. While asset valuation is a key part of the process, specifying 'hard costs' is too narrow and not a universally distinct initial step compared to the broader concept of determining asset value, which includes tangible and intangible aspects.

Concept tested. Risk analysis initial steps

Topics

#Risk analysis steps#Threat identification#Asset valuation#Likelihood assessment

Community Discussion

No community discussion yet for this question.

Full CSSLP Practice Browse All CSSLP Questions