Performing Risk Assessments
A risk assessment is a point-in-time evaluation. It looks at the current situation and attempts to determine what risks exist and how to address them. For example, you can perform a risk assessment to determine risks for e-mail servers in your organization. This assessment will examine current threats, system configuration, interconnectivity, the amount of e-mail processed, fault-tolerance capabilities, power and air conditioning requirements, and more. However, after the assessment is completed, any of these elements can change, affecting the results of the assessment.
EXAM TIP A risk assessment looks at risks at a ...
Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.