Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam CBAP topic 1 question 282 discussion

Actual exam question from IIBA's CBAP
Question #: 282
Topic #: 1
[All CBAP Questions]

Which of the following involves defining the various threats, determining the extent of vulnerabilities, and devising countermeasures against a possible attack?

  • A. Qualitative risk analysis
  • B. Risk analysis
  • C. Risk assessment
  • D. Quantitative risk analysis
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️


Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
1 month, 1 week ago
B is correct because 'Risk assessment' is a term not used in BABOK v3. It uses terms 'Risk Analysis and Management' and 'Risk Analysis'. Further, from question, it is not clear whether the threat is quantifiable or not. So, qualitative or quantitative analysis cannot be specified.
upvoted 1 times
1 month, 1 week ago
Selected Answer: C
Key word "a possible attack" We are assessing the risk of "a possible attack" So Ans is C
upvoted 1 times
1 month, 3 weeks ago
Selected Answer: C
BABOK v3 discusses qualitative and quantitative MEASURES in the context of risk assessment, not just in risk analysis. In the broader context of business analysis, these measures are indeed used to assess risks, including defining threats, vulnerabilities, and countermeasures. Therefore, considering the broader understanding of risk assessment within the business analysis domain, options A, B, and D could be acceptable. However, option C, "Risk assessment," is the most specific and direct term that encompasses the process of defining threats, determining vulnerabilities, and devising countermeasures against potential attacks.
upvoted 1 times
3 months, 3 weeks ago
Selected Answer: C
Risk Assessment involves identifying potential threats, assessing vulnerabilities, and developing countermeasures to mitigate risks and enhance security against possible attacks.
upvoted 3 times
2 years, 2 months ago
why is the answer not B?
upvoted 4 times
2 years, 2 months ago
Risk analysis is the global term which include both qualitative and quantitative risk analysis. In this case, we are talking about various threats and how to mitigate a possible attack. We are clearly speaking about qualitative risk analysis.
upvoted 3 times
11 months, 3 weeks ago
sounds legitimate but where in BABOK V3 this has been explained? I couldn't find this justification anywhere!
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Loading ...