Risk Management Fundamentals

Questions and Answers

What is the primary goal of risk management?

• To identify potential threats
• To analyze business impacts
• To identify mission-essential functions (correct)
• To identify risk response options

What are the key factors used to assess risk?

• The likelihood of an incident, the cost of deploying additional security controls, and the impact of the incident
• The likelihood of an incident, the cost of deploying additional security controls, and the probability of a vulnerability being activated
• The likelihood of an incident, the cost of deploying additional security controls, and the probability of a vulnerability being activated as a security incident (correct)
• The likelihood of an incident, the cost of deploying additional security controls, and the probability of a vulnerability being activated as a mission-essential function

What is typically involved in risk management?

• Identifying, assessing, and mitigating risk to protect mission-essential functions (correct)
• Identifying, assessing, and mitigating risk to protect vulnerable functions
• Identifying, assessing, and mitigating risk to protect mission-essential vulnerabilities
• Identifying, assessing, and mitigating risk to protect vulnerable threats

Flashcards are hidden until you start studying

Study Notes

• Risk management requires identifying mission-essential functions and vulnerabilities, identifying threats, analyzing business impacts, and identifying risk response options.
• The key factors used to assess risk include the likelihood of a vulnerability being activated as a security incident, the impact of that incident, and the cost of deploying additional security controls.
• Risk management typically involves identifying, assessing, and mitigating risk to protect mission-essential functions.