O'Reilly logo

CompTIA Security+ All-in-One Exam Guide, Third Edition by Chuck Cothren, Roger Davis, Dwayne Williams, Gregory White, Wm. Arthur Conklin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Qualitatively Assessing Risk

Qualitative risk analysis allows expert judgment and experience to assume a prominent role. To assess risk qualitatively, you compare the impact of the threat with the probability of occurrence. For example, if a threat has a high impact and a high probability of occurring, the risk exposure is high and probably requires some action to reduce this threat (see darkest box in Figure 17-3). Conversely, if the impact is low with a low probability, the risk exposure is low and no action may be required to reduce this threat (see white box in Figure 17-3). Figure 17-3 shows an example of a binary assessment, where only two outcomes are possible each for impact and probability. Either it will have an impact or it will not ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required