ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam
Go to Exam

Exam CSSLP topic 2 question 17 discussion

Actual exam question from ISC's CSSLP
Question #: 17
Topic #: 2
[All CSSLP Questions]

Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

  • A. Valuations of the critical assets in hard costs.
  • B. Evaluate potential threats to the assets.
  • C. Estimate the potential losses to assets by determining their value.
  • D. Establish the threats likelihood and regularity.
Show Suggested Answer Hide Answer
Suggested Answer: potential threats to the assets. Establish the threats probability and regularity. Answer: A is incorrect. Valuations of the critical assets in hard costs is one of the 🗳️
The main steps of performing risk analysis are as follows: Estimate the potential losses to the assets by determining their value. Evaluate the final steps taken after performing the risk analysis.
by 74gjd_37 at Sept. 30, 2023, 7:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
74gjd_37
5 months, 2 weeks ago
Selected Answer: BCD
The correct answers are: B. Evaluate potential threats to the assets. C. Estimate the potential losses to assets by determining their value. D. Establish the threats likelihood and regularity. Valuations of critical assets in hard costs may be needed, but it is not an initial step required for performing a risk analysis process from an ISC2 CSSLP perspective.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
The initial steps required to perform a risk analysis process involve evaluating potential threats, estimating potential losses, and establishing the likelihood and regularity of these threats. These steps help identify areas where security measures need to be implemented or improved in order to mitigate risks. Threat evaluation involves identifying different types of threats that could potentially harm critical assets within an organization's systems. Estimating potential losses requires determining the value of each asset and assessing the financial impact if it were lost or compromised. Threat likelihood and regularity must also be established by examining how often incidents occur and how likely they are to happen again. By going through these initial steps, organizations can develop better-informed risk management strategies that enable them to prioritize investment in effective security controls based on which assets are more valuable or at higher risk for particular threat sources or motives.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago