Measuring and Weighing Risk
THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:
2.1 Explain the importance of risk related concepts.
- Control types: Technical; Management; Operational
- False positives
- False negatives
- Risk calculation: likelihood; ALE; impact; SLE; ARO; MTTR; MTTF; MTBF
- Quantitative vs. qualitative
- Threat vectors
- Probability/threat likelihood
- Risk-avoidance, transference, acceptance, mitigation, and deterrence
- Risks associated ...