PrepAway - Latest Free Exam Questions & Answers

Overall business risk for a particular threat can be expressed as:

Overall business risk for a particular threat can be expressed as:

PrepAway - Latest Free Exam Questions & Answers

A.
a product of the probability and magnitude of the impact if a threat successfully exploits a
vulnerability.

B.
the magnitude of the impact should a threat source successfully exploit the vulnerability.

C.
the likelihood of a given threat source exploiting a given vulnerability.

D.
the collective judgment of the risk assessment team.

Explanation:

Choice A takes into consideration the likelihood and magnitude of the impact and provides the
best measure of the risk to an asset. Choice B provides only the likelihood of a threat exploiting a
vulnerability in the asset but does not provide the magnitude of the possible damage to the asset.
Similarly, choice C considers only the magnitude of the damage and not the possibility of a threat
exploiting a vulnerability. Choice D defines the risk on an arbitrary basis and is not suitable for a
scientific risk management process.


Leave a Reply