CompTIA Security+ Exam Prep

Category - Management

Mr. Indecisive is assigned responsibility for creating the initial draft of the Risk Assessment. When
Mr. Newbie is assigned to help with prioritization of the threats identified in the Risk Assessment. Each potential threat is already listed, along with its likelihood and severity rating. In order to create a priority list and order the threats correctly, what should Mr. Newbie do?
  1. Organize the lists alphabetically and assign priority based on the order that the threats appear in the alphabetical lists.
  2. Create two lists-one is a priority list based on likelihood and the other is a priority list based on severity.
  3. Multiply the likelihood rating with the severity rating and then organize the list according to that number (the relative weight). The higher the relative weight, the higher the priority.
  4. Add the likelihood rating to the severity rating and then organize the list according to that number (the relative weight). The higher the relative weight, the higher the priority.
Explanation
Answer: C - In order to obtain the relative weight of each potential threat to the company, the likelihood rating and the severity rating need to be multiplied together. After that, the list of threats can be organized by relative weight.

To incorporate both the likelihood and severity ratings, you need to multiply the two ratings together. If there are additional factors that the risks were rated on, these should also be multiplied together as well. The relative weight rating can then be used to prioritize the potential threats. Once a final priority list has been created, review the list to make sure that it makes sense and that there are no anomalies or miscalculations on the list.
Was this helpful? Upvote!
Login to contribute your own answer or details

Top questions

Related questions

Most popular on PracticeQuiz