Which of the following steps for risk assessment methodology refers to vulnerability identification?
A. Assigns values to risk probabilities; Impact values
B. Determines risk probability that vulnerability will be exploited (High, Medium, Low)
C. Identifies sources of harm to an IT system (Natural, Human, Environmental)
D. Determines if any flaws exist in systems, policies, or procedures
A. Assigns values to risk probabilities; Impact values
B. Determines risk probability that vulnerability will be exploited (High, Medium, Low)
C. Identifies sources of harm to an IT system (Natural, Human, Environmental)
D. Determines if any flaws exist in systems, policies, or procedures