Exam CC Topic 1 Question 180 Discussion

Actual exam question for ISC's CC exam
Question #: 180
Topic #: 1
Is defined as the process of identifying, estimating, and prioritizing risks.

Suggested Answer: A

Risk assessment is the structured process of identifying risks, estimating their likelihood and impact, and prioritizing them for treatment. It forms the analytical foundation of risk management and enables informed decision-making. Risk assessment typically includes threat identification, vulnerability analysis, likelihood determination, and impact analysis.
Risk treatment and mitigation occur after risks have been assessed, while risk management is the broader lifecycle that includes assessment, response, monitoring, and communication. Standards such as NIST SP 800-30 emphasize risk assessment as a critical early step in managing cybersecurity risk.

by Gavin at Mar 18, 2026, 03:48 PM
