Certified Secure Software Lifecycle Professional (CSSLP) — Question 75

Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

Answer options

• A. Valuations of the critical assets in hard costs.
• B. Evaluate potential threats to the assets.
• C. Estimate the potential losses to assets by determining their value.
• D. Establish the threats likelihood and regularity.

Correct answer: A

Explanation

The correct steps to initiate a risk analysis include assessing assets' valuations, examining potential threats, and estimating losses. Answer A correctly identifies the need for asset valuation, while the other options, while relevant, pertain to subsequent steps in the process.