Andreas is conducting a risk assessment of a network. He asks the following questions: What is
the target? How serious is the threat of intrusion? What is the probability of the threat occurring?
Considering these questions, which step of risk assessment is Andreas conducting?
A.
Analyzing, categorizing and prioritizing resources
B.
Considering the business concerns
C.
Evaluating the existing perimeter and internal security
D.
Using the existing management and control architecture