Threats and Vulnerabilities Flashcards

1
Q

Vulnerability

A

Percentage of threat events that will become loss events.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Calculate vulnerability

A

Threat capability vs. resistance strength

Percentage of threat events that become loss events.
Percentage of 1’s vs. 0’s.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Threat capability continuum

A

Range of percentiles from 0-100 that threat communities are placed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When are we vulnerable in the capability continuum.

A

Any time the threat capability exceeds the resistance strength.

(Right of the line)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the value for vulnerability if the resistance strength is greater than the threat capability?

A

0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the value for vulnerability if the threat capability is greater than the resistance strength?

A

1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How is loss event frequency determined?

A

Vulnerability vs. threat event frequency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Is it best to start at the top or bottom of the FAIR model?

A

Top

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Threat event frequency x Vulnerability =

A

Loss Event Frequency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Threat profiling

A

Profile of methods, motivations, resources.

Helps to identify threat communities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does this question identify?

“who or what is capable of acting against my asset in a way that could cause loss?”

A

A threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly