According to the NIST SP 800-30, what is the last step of a risk assessment?

A. Determine risk as a combination of likelihood and impact.
B. Identify impact.
C. Determine likelihood.
D. Identify threats.

A The order for a risk assessment according to NIST SP 800-30 follows:
1. Identify the assets and their value.
2. Identify threats.
3. Identify vulnerabilities.
4. Determine likelihood.
5. Identify impact.
6. Determine risk as a combination of likelihood and impact.

Computer Science & Information Technology

You might also like to view...

Bits of data travel inside the processor on the

A) External data bus B) PCI bus C) Internal data bus D) USB expansion bus

View

Computer Science & Information Technology

Clicking the Show/Hide button on the HOME tab displays how many paragraphs or tabs exist in the document.

Answer the following statement true (T) or false (F)

View

Computer Science & Information Technology