(302) Which one of the following risk analysis terms characterizes the absence or weakness of a risk-reducing safegaurd?
D. Loss expectancy
Correct Answer: C
A weakness in system security procedures, system design, implementation, internal controls, and so on that could be exploited to violate system security policy. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 927
- Muhammad Idham Azhari