CHAPTER 7

Risk, Response, and Recovery

In this chapter, you will learn about

•  The definition of risk

•  Threat sources, threat events, and vulnerabilities

•  Impact assessments and sharing threat intelligence

•  Different methods of managing risk

•  The definition of residual risk

•  Risk registers and the Common Vulnerability Scoring System

•  Common risk management frameworks

•  Risk assessments and threat modeling

•  Differences between quantitative and qualitative risk analysis

•  Common steps in risk assessments

•  Common phases in the incident lifecycle

Defining Risk

The simple definition of risk is the probability or likelihood that a threat will exploit a vulnerability and cause a loss. A threat is any activity that can be a possible ...

Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition, 3rd Edition now with the O’Reilly learning platform.
