(ISC)2(ISC)2
SSCP · Question #36
SSCP Question #36: Real Exam Question with Answer & Explanation
The correct answer is D: security budget. Assessing a facility's vulnerability involves examining its current state, past incidents, and existing security measures, but not the budget allocated for security.
Submitted by rachelw· Apr 18, 2026Risk Identification, Monitoring and Analysis
Question
The "vulnerability of a facility" to damage or attack may be assessed by all of the following except:
Options
- AInspection
- BHistory of losses
- CSecurity controls
- Dsecurity budget
Explanation
Assessing a facility's vulnerability involves examining its current state, past incidents, and existing security measures, but not the budget allocated for security.
Common mistakes.
- A. Inspection involves physically examining the facility for weaknesses in its structure, systems, or procedures.
- B. History of losses provides concrete evidence of past successful attacks or incidents, highlighting existing vulnerabilities.
- C. Security controls are the existing measures (physical, technical, administrative) in place; their effectiveness and any gaps directly relate to vulnerability.
Concept tested. Components of vulnerability assessment
Topics
#Vulnerability Assessment#Risk Management#Security Assessment#Physical Security
Community Discussion
No community discussion yet for this question.