AppendixAnswers to Review Questions

Chapter 1: Risk Management

  1. A.

    A vulnerability is a weakness in system design, procedure, or code. It can be exploited for a threat to destroy, damage, or compromise an asset. A threat is the circumstance or likelihood of a vulnerability being exploited. The likelihood of the threat is the probability of occurrence or the odds that the event will actually occur.

  2. A.

    The BEST definition of a risk in IT is a vulnerability in your ecosystem and the high probability of compromise with a known active threat actor.

  3. B.

    A breach of physical security can be instigated by a trusted insider or an untested outsider. Intruders, vandals, and thieves remove sensitive information, destroy data, or physically damage or ...

Get CASP+ Practice Tests now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.