Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401)

MODULE 6

IT Risk Assessment

Recall from Module 5 that risk is a combination of several elements: assets, vulnerabilities, threats, threat agents, likelihood, and impact. Although Module 5 discussed these elements in depth, you have not yet learned how to assess risk, and that’s the focus of this module. We will look at different methods for evaluating and assessing risk. We will look at calculating likelihood and impact factors, as well as how to frame risk response in light of our risk assessments.

Assessing Risk

Risk assessment is the process of evaluating likelihood and impact factors in conjunction with the risk elements previously discussed, such as threat, vulnerability, and assets. The purpose of assessing risk is to determine, as definitively ...

Get Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) by Mike Meyers

MODULE 6

IT Risk Assessment

Assessing Risk

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly