CHAPTER 7

Risk, Response, and Recovery

In this chapter, you will learn about

•  The definition of risk

•  Threat sources, threat events, and vulnerabilities

•  Impact assessments and sharing threat intelligence

•  Different methods of managing risk

•  The definition of residual risk

•  Risk registers and the Common Vulnerability Scoring System

•  Common risk management frameworks

•  Risk assessments and threat modeling

•  Differences between quantitative and qualitative risk analysis

•  Common steps in risk assessments

•  Common phases in the incident lifecycle

Defining Risk

The simple definition of risk is the probability or likelihood that a threat will exploit a vulnerability and cause a loss. A threat is any activity that can be a possible ...

Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition, 3rd Edition now with O’Reilly online learning.
