Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-IEC-27005-Risk-Manager Topic 1 Question 11 Discussion

Actual exam question for PECB's PECB Certified ISO/IEC 27005 Risk Manager exam
Question #: 11
Topic #: 1
[All PECB Certified ISO/IEC 27005 Risk Manager Questions]

According to CRAMM methodology, how is risk assessment initiated?

Show Suggested Answer Hide Answer
Suggested Answer: A

According to the CRAMM (CCTA Risk Analysis and Management Method) methodology, risk assessment begins by collecting detailed information on the system and identifying all assets that fall within the defined scope. This foundational step ensures that the assessment is comprehensive and includes all relevant assets, which could be potential targets for risk. This makes option A the correct answer.


Contribute your Thoughts:

Mertie
10 days ago
This question is a real head-scratcher, ain't it? I'm just gonna throw a dart and hope for the best. Security stuff is way over my head anyway.
upvoted 0 times
...
Mirta
13 days ago
I'm going with C. Determining the methods and procedures for managing risks is key, otherwise how are you gonna actually deal with them?
upvoted 0 times
...
Erinn
14 days ago
Option A all the way, baby! Gotta know your enemy before you can defeat it. Or something like that. I dunno, I just want my certification, alright?
upvoted 0 times
...
Merrilee
17 days ago
Hmm, I dunno, I kinda like option B. Identifying the security risks first seems like a more logical approach to me. But I could be wrong, who knows?
upvoted 0 times
Altha
5 days ago
I think option A makes more sense. Gathering information on the system and identifying assets seems like a good starting point.
upvoted 0 times
...
...
Moon
24 days ago
I agree, A is the way to go. Can't really manage risks if you don't know what you're working with, right?
upvoted 0 times
Merilyn
9 hours ago
B) By identifying the security risks
upvoted 0 times
...
Laura
7 days ago
Definitely, knowing what assets you have is crucial for managing risks.
upvoted 0 times
...
Tamera
12 days ago
A) By gathering information on the system and identifying assets within the scope
upvoted 0 times
...
...
Casandra
1 months ago
I think option A is the correct answer. You gotta start with gathering information on the system and identifying the assets first before you can assess the risks.
upvoted 0 times
Geraldo
3 days ago
Maybe a combination of both options A and B would be ideal for a comprehensive risk assessment.
upvoted 0 times
...
Maurine
13 days ago
I see your point, but I still think option A is the best way to initiate risk assessment.
upvoted 0 times
...
Tish
15 days ago
I think option B is also important. Identifying the security risks early on can help in the assessment process.
upvoted 0 times
...
Filiberto
18 days ago
I agree, option A makes sense. You need to know what you're dealing with before assessing the risks.
upvoted 0 times
...
...
Maia
1 months ago
I believe determining methods and procedures for managing risks comes after identifying the assets.
upvoted 0 times
...
Annice
1 months ago
I agree with Johana, that's the first step in the CRAMM methodology.
upvoted 0 times
...
Johana
1 months ago
I think risk assessment is initiated by gathering information on the system and identifying assets within the scope.
upvoted 0 times
...

Save Cancel