SCP Exam SC0-471 Topic 3 Question 62 Discussion

Actual exam question for SCP's SC0-471 exam

Question #: 62
Topic #: 3

After a security meeting, IT leaders decided that the organization will perform a completely new risk analysis, as the previous one was done over five years ago. The methods that will be used is FRAP. Which of the following best describes the FRAP method of risk analysis?

AFRAP involves assigning team members to identify specific vulnerabilities. Once the vulnerabilities have been identified, a level of risk is assigned, as a factor of times per year this vulnerability may be exploited. Finally, a dollar value in lost revenue is assigned to each asset that can be compromised by this vulnerability.

BFRAP is a team method. Individuals from different aspects of an organization form a committee. Once together, they discuss the areas of risk, the likelihood of a threat, the impact of the threat, and the methods that should be used to minimize the threat.

CFRAP involves assigning dollar values to assets, and calculating how often a threat to the asset will occur. Once determined an approximate dollar value to each asset and threat combination is calculated.

DFRAP is the process of determining the likelihood of a threat as medium, high, or low. Once the likelihood is determined the cost is identified, again as medium, high, or low. Finally, based on cost, a response to the threat is determined.

EFRAP is the process of determining the likelihood of a threat as medium, high, or low. Once the likelihood is determined, the level of damage is identified, again as high, medium, or low. Finally, the response to the threat is determined.

Show Suggested Answer

Suggested Answer: B

by Kirk at Jan 11, 2023, 06:22 AM

Limited Time Offer

25%

Off

Get Premium SC0-471 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!