Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
17 Cards in this Set
- Front
- Back
What is the overall purpose of risk analysis? |
To identify the assets within the company and their value so that the threats against those assets can be identified. |
|
What is threat vector? |
A tool, or mechanism, the hacker uses to exploit a weakness on a system |
|
What steps are in the Risk Analysis Process? |
|
|
Name four types of vulnerabilities to Assets? |
|
|
Name six types of threats to Assets? |
|
|
Name four types of tangible impacts? |
|
|
Name four types of intangible impacts?
|
|
|
Once threats have been identified they must be Prioritize base on their? |
Impact and Probability of occurring so that you can deal with the more serious threats first. |
|
Threats are prioritized by what two methods? |
|
|
After Prioritizing threats the next step is to? |
Identify mitigation techniques |
|
Once solutions to mitigate threats are implemented and the asset has been reevaluated the remaining threats are known as? |
Residual risk that must be brought to the attention of management so that they can decide if they are willing to accept the risk or implement additional strategies. |
|
A Probability Scale is based on? |
A value created that is based on how the likelihood and impact of an event. Risk = Probability x Loss |
|
What are the two factors involved in Quantitative analysis: |
|
|
The annual Loss Expectancy = ? |
SLE * Annual Rate of Occurence (ARO) = (ALE = EF * Value) |
|
Name five Risk Mitigation Strategies? |
|
|
Risk management methods? |
|
|
Calculating ALE |
TO calculate the ALE:1. Find SLE = Dollar value x Exposure Factor 320 x .18 = 572. Take SLE and multiply it by the ARO fails once every 4 years 25% so .25 x 57 = 14 |