Master the Fundamentals of Security and Risk Management

Questions and Answers

Which one of the following best describes security?

• A process of mitigating risk (correct)
• An unavoidable occurrence
• A continuous practice
• An exposure or weakness

What is the definition of risk?

• A continuous process and practice of mitigating risk
• The possibility of a threat exploiting a vulnerability within an asset (correct)
• An exposure or weakness
• An unavoidable occurrence that exploits risk

How can we quantify the possibility of risk?

• By focusing on continuous practice
• By avoiding threats and vulnerabilities
• By minimizing the likelihood and impact, risk is avoidable
• Risk = (likelihood of event) x (impact) (correct)

Flashcards are hidden until you start studying

Study Notes

Security

• Security refers to the protection of assets, data, and information from unauthorized access, use, disclosure, disruption, modification, or destruction.
• It involves the implementation of measures to prevent, detect, and respond to threats, vulnerabilities, and attacks.

Risk

• Risk is the likelihood and potential impact of an event or situation that could have a negative effect on an organization or individual.
• It is a situation involving exposure to danger, which may result in loss, injury, or other negative consequences.

Quantifying Risk

• Probability is a measure of the likelihood of a risk occurring, expressed as a number between 0 (impossible) and 1 (certain).
• Impact is the potential magnitude of the loss or damage resulting from a risk, measured in terms of financial, operational, or reputational effects.
• Risk can be quantified using a risk matrix, which plots the probability of a risk against its potential impact, resulting in a rating of low, moderate, or high risk.