Certified Information Systems Security Professional (CISSP) — Question 379

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

Answer options

• A. Performance testing
• B. Risk assessment
• C. Security audit
• D. Risk management

Correct answer: D

Explanation

Risk management is the correct answer because it involves identifying, assessing, and prioritizing risks while balancing the costs of protective measures against the benefits to mission capability. Performance testing, risk assessment, and security audits, while important, do not specifically focus on the balance of costs and mission capability as a cohesive process.