nerdexam
(ISC)2

CSSLP · Question #18

CSSLP Question #18: Real Exam Question with Answer & Explanation

The correct answer is B: Cost-benefit examination of countermeasures. The risk assessment step of the LeGrand Vulnerability-Oriented Risk Management method includes identifying vulnerabilities, assessing attacks, and performing a cost-benefit examination of countermeasures.

Secure Software Lifecycle Management

Question

The LeGrand Vulnerability-Oriented Risk Management method is based on vulnerability analysis and consists of four principal steps. Which of the following processes does the risk assessment step include? Each correct answer represents a part of the solution. Choose all that apply.

Options

  • A. Remediation of a particular vulnerability
  • B. Cost-benefit examination of countermeasures
  • C. Identification of vulnerabilities
  • D. Assessment of attacks

Explanation

The risk assessment step of the LeGrand Vulnerability-Oriented Risk Management method includes identifying vulnerabilities, assessing attacks, and performing a cost-benefit examination of countermeasures.

Common mistakes.

  • A. Remediation of a particular vulnerability is a risk treatment or mitigation step that occurs after the risk assessment phase, not as part of the assessment itself.

Concept tested. LeGrand risk management method steps

Topics

#Risk Management, #Vulnerability Analysis, #Risk Assessment, #Security Methodologies
