Certified Ethical Hacker 312-50v10 – Question311

Which of the following steps for risk assessment methodology refers to vulnerability identification?

Assigns values to risk probabilities; Impact values
B. Determines risk probability that vulnerability will be exploited (High, Medium, Low)
C. Identifies sources of harm to an IT system (Natural, Human, Environmental)
D. Determines if any flaws exist in systems, policies, or procedures

Correct Answer: D