SY0-701 - CompTIA Security+: Risk Management






Security risk management is the ongoing process of identifying security risks and implementing plans to address them. Most security professionals should have a solid foundation in this important cross-disciplinary initiative. In this course, you will take a deep dive into security risk management, including risk identification and assessment. Then you will explore risk analysis concepts like qualitative and quantitative analysis and impact/magnitude. Next, you will discover risk treatment and handling strategies, including transfer, acceptance, and exemption. You will examine risk registers and ledgers, key risk indicators, risk owners, and risk thresholds. Finally, you will investigate risk reporting techniques and business impact analysis (BIA) to predict the consequences of a disruption to a business and collect information needed to develop recovery strategies. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.





  • define risk management
  • describe risk identification and assessment, including ad hoc, recurring, one-time, and continuous
  • provide an overview of risk analysis, including concepts like qualitative and quantitative risk analysis, probability/likelihood, and impact/magnitude
  • describe risk treatment and handling methods such as transfer, acceptance, and exemption, and risk appetite approaches like expansionary, conservative, and neutral
  • define risk registers and ledgers, key risk indicators, risk owners, and risk thresholds
  • describe risk reporting techniques
  • provide an overview of business impact analysis, including concepts like Recovery Time Objective (RTO), Recovery Point Objective (RPO), mean time to repair (MTTR), and mean time between failures (MTBF)
