Briefly explain how to perform a risk assessment.

What will be an ideal response?

Determining the damage from an attack first requires a realistic look at several types of attacks that may occur, such as denial of service, wireless packet sniffing, access to unsecured WLAN management interfaces, and even social engineering. Then, based on the vulnerabilities recognized in the vulnerability appraisal, an analysis of the impact can be determined. Not all vulnerabilities pose a significant risk; with some vulnerabilities the risk may be minor. One way to determine the severity of a risk is to gauge the impact the vulnerability may have on the organization if it is exploited.