Systems Security Certified Practitioner – SSCP – Question0343

Which of the following is not a component of a Operations Security "triples"?

A.
Asset
B. Threat
C. Vulnerability
D. Risk

Correct Answer: D

Explanation:

The Operations Security domain is concerned with triples -threats, vulnerabilities and assets. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 216.