According to the NIST SP 800-30, what is the last step of a risk assessment?
A. Determine risk as a combination of likelihood and impact.
B. Identify impact.
C. Determine likelihood.
D. Identify threats.
A The order for a risk assessment according to NIST SP 800-30 follows:
1. Identify the assets and their value.
2. Identify threats.
3. Identify vulnerabilities.
4. Determine likelihood.
5. Identify impact.
6. Determine risk as a combination of likelihood and impact.
You might also like to view...
Three types of loop statements can be used to iterate through an array.
Answer the following statement true (T) or false (F)
A module that calls itself is known as a(n) __________ module.
Fill in the blank(s) with the appropriate word(s).
The term information hiding refers to the ____ and hiding of all implementation details.
A. encryption B. translation C. encapsulation D. destruction
You can limit the display of data to specific information by using ________
A) filtering B) reporting C) sorting D) charting