nerdexam
(ISC)2

CSSLP · Question #155

CSSLP Question #155: Real Exam Question with Answer & Explanation

The correct answer is A: Identifying the risk. The core goals of risk management involve systematically identifying risks, assessing the potential impact of threats, and finding a cost-effective balance between risk impact and the investment in countermeasures.

Secure Software Concepts

Question

Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.

Options

  • A. Identifying the risk
  • B. Assessing the impact of potential threats
  • C. Identifying the accused
  • D. Finding an economic balance between the impact of the risk and the cost of the countermeasure

Explanation

The core goals of risk management involve systematically identifying risks, assessing the potential impact of threats, and finding a cost-effective balance between risk impact and the investment in countermeasures.

Common mistakes.

  • C. "Identifying the accused" relates to incident response, forensics, or legal processes after a security event; it is not a primary goal of proactive risk management.

Concept tested. Risk management goals

Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

Topics

#Risk Management Goals #Risk Identification #Risk Assessment #Countermeasure Selection
