CISSP Practice question #246

If we are using a qualitative risk analysis approach. Which of these would we use?
A: Risk analysis matrix.
B: Cost per incident.
C: Exposure factor.
D: Asset value.

CBK 1: Security and Risk Management
Source: practice tests –


A: Qualitative Risk Analysis – How likely is it to happen and how bad is it if it happens? This is vague, guessing, a feeling and relatively quick to do. Most often done to know where to focus the Quantitative Risk Analysis.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

Leave a Reply