Home › BCA Cyber Security › cybersecurity › Cybersecurity Fundamentals › Risk is commonly expressed as a function of
Risk is commonly expressed as a function of
Aspeed × latency
Bbandwidth × packets
Cusers × sessions
Dthreat × vuln × impact
Answer & Solution
Correct answer: D. threat × vuln × impact
1. In cybersecurity risk management (NIST SP 800-30): RISK = f(THREAT, VULNERABILITY, IMPACT).
2. THREAT: a potential source of attack (hacker, insider, malware).
3. VULNERABILITY: a weakness in the system the threat can exploit.
4. IMPACT: the harm to the organisation if exploited (financial, reputational, operational).
5. Mitigations target each axis: threat intelligence reduces threat exposure, patching reduces vulnerabilities, segmentation limits impact.
_Source: NIST CSF v1.1, §3.4 (Self-Assessing Cybersecurity Risk with the Framework) + NIST SP 800-30 reference._
Related questions
A HASH FUNCTION (e.g. SHA-256) used for password storage should beWhich of the following is a TYPE of MALWARE that encrypts files and demands payment for thA SECURITY INCIDENT is BEST defined asDEFENSE IN DEPTH is a strategy thatWhich authentication method requires the user to present at least TWO different categoriesPRINCIPLE OF LEAST PRIVILEGE states thatWithin the RESPOND function, ANALYSIS of detected incidents and COMMUNICATIONS with stakehWhich NIST CSF function ensures that PLANS to RESTORE capabilities or services are execute