Chapter Review

Risk management is a key management process that must be used at every level, whether managing a project, a program, or an enterprise. Managing risk is important in keeping a business competitive and must be done by managers at all levels. Both qualitative and quantitative risk assessment approaches must be used to manage risk effectively, and a number of approaches were presented in this chapter. Understand that it is impossible to conduct a purely quantitative risk assessment, but it is possible to conduct a purely qualitative risk assessment.


  1. Which of the following correctly defines qualitative risk management?

A. The loss resulting when a vulnerability is exploited by a threat

B. To reduce the likelihood of a ...

Get CompTIA Security+ All-in-One Exam Guide (Exam SY0-301), 3rd Edition, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.