Risk Management — CompTIA Security+ (SY0-701) Practice Questions

Risk management is the systematic process of identifying, assessing, and prioritizing risks to organizational assets, then applying resources to minimize, monitor, and control the likelihood or impact of adverse events. On SY0-701, risk management is a major domain covering concepts such as risk identification, risk analysis (qualitative and quantitative), risk appetite, risk tolerance, and risk response strategies including avoidance, transference, mitigation, and acceptance. The exam uses scenario-based questions to test whether candidates can select the appropriate risk response given business context and asset value. Candidates must also understand supporting concepts such as single loss expectancy (SLE), annualized loss expectancy (ALE), and annualized rate of occurrence (ARO).

Free questions on risk management

What is the primary goal of the NIST Cybersecurity Framework?
Free question · easy · full answer + explanation
