Certified Business Analysis Professional (CBAP) — Question 335

Which of the following involves defining the various threats, determining the extent of vulnerabilities, and devising countermeasures against a possible attack?

Answer options

• A. Qualitative risk analysis
• B. Risk analysis
• C. Risk assessment
• D. Quantitative risk analysis

Correct answer: C

Explanation

The correct answer is C, Risk assessment, as it specifically focuses on identifying threats, assessing vulnerabilities, and planning countermeasures. While A, B, and D are related concepts, they do not encompass the full scope of evaluating threats and vulnerabilities as explicitly as risk assessment does.