7/8/2021 TestOut LabSim

3.1 Risk Identification Process

As you study this section, answer the following questions:

What assets are vulnerable?

What are the potential threats?
What vulnerabilities exist?

In this section, you will learn to:

Identify assets
Define potential threats
Discover threat vulnerabilities

The key terms for this section include:

Term Definition

Physical machines such as servers and workstations, intangibles such as intellectual

Asset
property, sales forecasts, product roadmaps, etc.

The cornerstone of security infrastructure, which is composed of Confidentiality, Integrity,

CIA Triad
and Availability.

Threat Anything that can damage a business's ability to generate revenue.

A weakness a threat actor could use to exploit and threaten systems. Could be both internal
Vulnerability
and external

This section helps you prepare for the following certification exam objectives:

Exam Objective

TestOut Cyber Defense Pro, v1.0 3.1 Risk Identification Process

3.1 Given a scenario, analyze data as part of security

monitoring
activities.

Impact analysis
Organization impact vs. localized impact
CompTIA CySA+ (CS0-002) Immediate vs. total

5.2 Given a scenario, apply security concepts in support of

organizational risk mitigation.

Risk identification process

Copyright © 2021 TestOut Corporation All rights reserved.

https://labsimapp.testout.com/v6_0_455/index.html/productviewer/1188/3.1 1/1