You are conducting a risk assessment based on NIST SP 800-30 R1, in which adversarial threat events are expressed as tactics, techniques, and procedures (TTPs). Which of the following risk factors best describes an adversarial threat event? (Wentz QOTD)
A. Fire at the primary facility
B. Compliance with technical standards
C. Perform network sniffing of exposed networks
D. Inability to perform current missions/business functions
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is C. Perform network sniffing of exposed networks.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
您正在根據 NIST SP 800-30 R1 進行風險評鑑，其中對抗性威脅事件表示為戰術、技術和程序 (TTP)。 以下哪個風險因素最能描述敵對威脅事件？ (Wentz QOTD)