Which of the following provides a method of quantifying risks associated with information technology in addition to helping with validating the abilities of new security controls and countermeasures to address the identified risks?

Which of the following provides a method of quantifying risks associated with information technology in addition to helping with validating the abilities of new security controls and countermeasures to address the identified risks?

Which of the following provides a method of quantifying risks associated with information technology in addition to helping with validating the abilities of new security controls and countermeasures to address the identified risks?

A.
Threat/risk assessment

B.
Penetration testing

C.
Vulnerability assessment

D.
Data classification

Explanation:
A: Penetration testing, vulnerability assessments, and data classification may help with the identifi cation of threats and countermeasures, but do not necessarily always translate or quantify the threats and vulnerabilities to risk.Page 706.

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

joe

joe

Threat/risk assessment

Reply