Determining the risk for a particular threat/vulnerability pair before controls are applied can be expressed as:
A. the likelihood of a given threat attempting to exploit a vulnerability
B. a function of the cost and effectiveness of controls over a vulnerability
C. the magnitude of the impact should a threat exploit a vulnerability
D. a function of the likelihood and impact, should a threat exploit a vulnerability
A. the likelihood of a given threat attempting to exploit a vulnerability
B. a function of the cost and effectiveness of controls over a vulnerability
C. the magnitude of the impact should a threat exploit a vulnerability
D. a function of the likelihood and impact, should a threat exploit a vulnerability