Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
16 Cards in this Set
- Front
- Back
What are the inputs for system characterization?
|
Hardware, Software, s
ystem interfaces, Data/Information, people, and system mission. |
|
List the outputs for the first step of Risk assessment
|
System Characterization output includes:
System boundary System functions System criticality System sensitivity |
|
How are threats identified in step 2 of the Risk Assessment process?
|
History of attacks,
Data from FedCIRC Intelligence agencies mass media |
|
What is the output from step 2 of the Risk Assessment process?
|
Threat Statement
|
|
How would you identify vulnerabilities in the Risk Assessment process?
|
Reports from prior risk assessments,
audit comments Security requirements test results |
|
What is the output for step 3 of the Risk Assessment process?
|
List of potential vulnerabilities.
|
|
What is the input for step 4 of the Risk Assessment process?
|
Current and planned controls
|
|
What is the output for the Control Analysis step of the Risk Assessment process?
|
List of planned and current controls.
(Same as output) |
|
What factors are considered in step 5 of the Risk Assessment process?
|
step 5 = likelihood determination
Threat-source motivation threat capacity nature of vulnerability current controls |
|
What is the output for step 5 of the Risk Assessment process?
|
Likelihood rating
|
|
What are the things considered in step 6 of the Risk Assessment process?
|
Mission impact analysis
Assest criticality assessment data criticality data sensitivity |
|
What is the output for step 6 of the Risk Assessment process?
|
Impact rating
|
|
What are the inputs for the risk determination step of the Risk Assessment process?
|
Likelihood of exploitation
magnitude of impact adequacy of planned and current controls. |
|
what is the output of the 7th step of the Risk Assessment process?
|
Risks and associated risk level.
|
|
What is the final output of the Risk Assessment process?
|
The Risk Assessment Report
|
|
What is the output for the 8th step of the Risk Assessment process?
|
Recommended controls
|