Network Security and Troubleshooting, Exams of Nursing

This document covers various network security concepts and troubleshooting techniques. It discusses topics such as endpoint security, service level agreements, fuzzing, password recovery, public key infrastructure, incident response procedures, and mobile device security. The document also addresses application security coding problems, network connectivity testing, BIOS settings, IP addressing, cable types, printer issues, and computer hardware configuration. By studying this document, readers can gain a comprehensive understanding of network security best practices, common troubleshooting scenarios, and strategies for maintaining a secure and reliable network infrastructure.

Typology: Exams

2023/2024

Available from 10/09/2024

TUTOR1
COMPTIA SECURITY PRACTICE EXAM Question with 100% verified Answers 2024 GRADE A+

USB Token and PIN - Answer A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO's requirements?

Screen Lock - Answer Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

Protocol analyzer - Answer Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?

False positives - Answer Which of the following can result in significant administrative overhead from incorrect reporting?

Vulnerability scan - Answer A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?

ALE - Answer Which of the following risk concepts requires an organization to determine the number of failures per year?

RETURN TO EXAM - Answer Please be aware that if you do not accept these terms you will not be allowed to take this CompTIA exam and you will forfeit the fee paid.

operational, technical, and management - Answer Three of the primary security control types that can be implemented are.

Identification - Answer The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

SCP - Answer Which of the following protocols operates at the HIGHEST level of the OSI model?

$5,000 - Answer Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?

Honeypot - Answer Which of the following should an administrator implement to research current attack methodologies?

Web Application Firewall - Answer Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

MAC Filtering - Answer Which of the following means of wireless authentication is easily vulnerable to spoofing?

validate and filter input on the server side and client side AND restrict and sanitize use of special characters in input and URLs - Answer The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

LEAP - Answer Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use?

Chain of custody - Answer Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time.

Group based privileges - Answer A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?

Continuity of operations plan - Answer Which of the following is being tested when a company's payroll server is powered off for eight hours?

Establishing baseline reporting - Answer A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?

reduce the certificate management burden - Answer Deploying a wildcard certificate is one strategy to:

Access control lists - Answer The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

22 - Answer Which of the following ports is used for SSH, by default?

WPA2 CCMP - Answer A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

DDoS - Answer A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs: 10.10.3. 10.10.3. 212.178.24. 217.24.94. These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

RC4 - Answer Which of the following ciphers would be BEST used to encrypt streaming video?

Single factor authentication - Answer A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following?

Advanced persistent threat - Answer After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of?

It should be performed on the server side - Answer Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization?

Database field encryption - Answer A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

3DES - Answer A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?

WAF - Answer Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

Protocol analyzer - Answer Which of the following is BEST used to capture and analyze network traffic between hosts on the same network segment?

Information Security Awareness - Answer After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

Hashing - Answer Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

Stream cipher - Answer Which of the following encrypts data a single bit at a time?

SHA - Answer Which of the following is used to verify data integrity?

SCP, SSH, SFTP - Answer By default, which of the following uses TCP port 22? (Select THREE).

The Remote Authentication Dial-In User Service server certificate has expired - Answer On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue?

Account lockout settings - Answer Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

Password history AND Minimum password age - Answer An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used together, would BEST prevent users from reusing their existing password? (Select TWO).

Password age AND Password history - Answer A recent audit has discovered that at the time of password expiration clients are able to recycle the previous credentials for authentication. Which of the following controls should be used together to prevent this from occurring? (Select TWO).

LDAP - Answer A system administrator is configuring UNIX accounts to authenticate against an external server. The configuration file asks for the following information DC=ServerName and DC=COM. Which of the following authentication services is being used?

Authentication - Answer In Kerberos, the Ticket Granting Ticket (TGT) is used for which of the following?

PAT - Answer Which of the following network design elements allows for many internal devices to share one public IP address?

URL filter - Answer Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?
Incorporating diversity into redundant design - Answer When considering a vendor-specific vulnerability in critical industrial control systems which of the following techniques supports availability?

Matrix of job titles with required access privileges - Answer During the information gathering stage of deploying a role-based access control model, which of the following information is MOST likely required?

Separation of duties - Answer The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?

Encryption - Answer Ann would like to forward some Personal Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?

DLP - Answer A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario?

Hardware locks - Answer A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?

Digital signatures - Answer A company's employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

Disabling unnecessary services - Answer A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?

Remote wiping - Answer A bank has recently deployed mobile tablets to all loan officers for use at customer sites. Which of the following would BEST prevent the disclosure of customer data in the event that a tablet is lost or stolen?

Data security - Answer Which of the following is the primary security concern when deploying a mobile device on a

administrator define and implement general defense against malware?

WPA-TKIP - Answer Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

Ann's private key AND Joe's public key - Answer Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).

The CA's public key & Joe's public key - Answer Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity of Joe's certificate? (Select TWO).

Biometrics - Answer A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?

OS Baseline comparison - Answer A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature?

Typo squatting - Answer A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization using the URL of www.company.com but not with the site that has been causing the infections. Which of the following would BEST describe this type of attack?

IDS - Answer A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

Configure the switch to allow only traffic from computers based upon their physical address. - Answer An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for this group only. Which of the following would BEST address this desire?

Lack of controls in place to ensure that the devices have the latest system patches and signature files - Answer Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network?

Place a guard at the entrance to approve access - Answer Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition. Which of the following will address this requirement?

Configure the devices so that removable media use is disabled - Answer A security administrator has concerns regarding employees saving data on company provided mobile devices. Which of the following would BEST address the administrator's concerns?

Risk acceptance - Answer Identifying residual risk is MOST important to which of the following concepts?

Continuous security monitoring - Answer The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the following security techniques is MOST appropriate to do this?

Create a server VLAN & Create an ACL to access the server - Answer A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO).

Password breaches to the social media site affect the company application as well - Answer Users can authenticate to a company's web applications using their credentials from a popular social media site. Which of the following poses the greatest risk with this integration?

Metrics - Answer A security team has established a security awareness program. Which of the following would BEST prove the success of the program?

SSH & PGP/GPG - Answer A company needs to receive data that contains personally identifiable information. The company

Unmanaged switch - Answer A switch that does not need much configuration, but has less network capacity. Usually used in home networking.

Managed switch - Answer A switch that is configurable, offering greater flexibility, capacity, and control.

Router/Layer 3 switch - Answer OSI Layer 3 device that allows nodes to connect to different networks.

Firewall - Answer Blocks certain ports from being accessed.

Load Balancer - Answer A common piece of hardware that distributes the load of connections evenly among servers. Very common in large environments.

Unified Threat Management (UTM)/Web Security Gateway - Answer The evolution of the traditional firewall into an all-inclusive security product able to perform multiple security functions within one single system. Usually has bad performance because it has so many functions.

Channel Service Unit/Data Service Unit (CSU/DSU) - Answer A digital-interface device used to connect a DTE, such as a router, to a digital circuit, such as a T1 line.

Data Terminal Equipment - Answer An end instrument that converts user information into signals or reconverts received signals.

T1 Line - Answer Can carry 24 digitized voice channels or data at a rate of 1. megabits per second.

Intrusion Detection System (IDS) - Answer A device or software application that monitors a network or systems for malicious activity. Sits to the side of the network. Any detected activity or violation is typically reported either to an administrator or audited.

Intrusion Prevention System (IPS) - Answer A control device that sits between two networks and controls the traffic in between them. Can automatically block known attacks by looking for anomalies, an exact match on a signature-database, and/or strange behaviors from users. Can also use an AI to identify malicious behavior.

Whitelist - Answer A list of trusted message senders. Commonly used to identify whether an email is spam or not.

Reverse DNS (rDNS) - Answer A method of comparing an IP address to a domain name to see if those two match. One application is a spam filter.

Domain Name Servers (DNS) - Answer A directory of domain names that are translated into IP addresses.

Tarpitting - Answer The practice of intentionally slowing the transmission of e-mail messages as a means of thwarting spammers that send many emails.

Web Application Firewall (WAF) - Answer An application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Can allow or deny based on expected input (ex. you must enter a number into the "age" field).

Payment Card Industry Data Security Standard (PCI DSS) - Answer A proprietary information security standard for organizations that handle branded credit cards from the major card schemes.

Application Layer Gateway (ALG) - Answer A software component that manages specific application protocols. Links between the Internet and application server and can understand the application protocol. Looks at all data, which drains performance. Many devices, such as a firewall or an IPS, use this.

Stateful Multi-layer Inspection (SMLI)/Deep Packet Inspection (DPI) - Answer While others only examine the packet header, this sophisticated form of packet-filtering examines all seven layers of the OSI model. Each packet is examined and compared against known states of friendly packets. Looks at all data, which drains performance.

Implicit deny - Answer Concept that if traffic is not explicitly permitted then it is denied. Not always used.

Virtual LAN - Answer Logically separates a single switch's ports into subnets. Used to separate out different devices together so that a device cannot connect to another device in a different subnet without a router. Costs less than physically separating devices.

IEEE 802.1D - Answer Protocol used to prevent loops between two bridged networks. Used almost everywhere.

Bridge - Answer Layer two device that helps to join two otherwise separate computer networks together to enable communication between them.

Spanning Tree Protocol (STP) - Answer A Layer 2 protocol that runs on bridges and switches. Ensures that no network loops are accidentally created. Built using the IEEE 802.1D standard.

Root Bridge - Answer Special bridge at the top of the Spanning Tree. The branches (Ethernet connections) are then branched out, connecting to other switches in the Local Area Network. All messages must first be sent to this bridge so that this bridge can forward the message to the destination.

Root Port - Answer The port on the Bridge that connects to the root bridge.

NAT Port Mapping Protocol (NAT-PMP) - Answer A network protocol for establishing NAT settings and port forwarding configurations automatically without user effort.

Destination NAT - Answer If a request is sent to a router with a private LAN and NAT without the router first sending a message, the router can be configured to always forward that request to this device on the private LAN.

Network Access Control (NAC) - Answer Restricting the availability of network resources to endpoint devices that comply with a defined security policy.

Platform as a Service (PaaS) - Answer A category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. Less secure because it's managed by a third party, but costs less resource.

Software as a Service (SaaS) - Answer A software distribution cloud-computing model in which a third-party provider hosts applications and makes them available to customers over the Internet (ex. Gmail). Less secure because it's managed by a third party, but costs less resource.

Infrastructure as a Service (IaaS)/Hardware as a Service (HaaS) - Answer A form of cloud computing that provides hardware resources over the Internet. Less secure because it's managed by a third party, but costs less resource. However, it is more secure than other cloud-computing services because the user can manage the hardware and the security.

Private cloud - Answer A type of cloud that is created, used, and managed by one organization or group.

Public cloud - Answer A type of cloud that is available over the internet for everyone to use.

Hybrid cloud - Answer A type of cloud that combines a public cloud with a private cloud.

Community cloud - Answer A type of cloud that is used by multiple organizations, but is not public.

Internet Protocol version 4 (IPv4) - Answer An Internet protocol with 32-bit IP addresses, which creates up to a maximum of 4,294,967,296 different IP addresses.

Internet Protocol version 6 (IPv6) - Answer An Internet protocol with 128-bit IP addresses, which creates up to a maximum of 2^128 different IP addresses.

Internet Protocol Security (IPsec) - Answer A network protocol suite that authenticates and encrypts the packets of data sent over a network at OSI layer 3.

Internet Control Message Protocol (ICMP) - Answer A supporting protocol used by network devices, to send error messages and operational information, indicating, for example, that a requested service is not available or that a host or router could not be reached. Useful for reconnaissance and troubleshooting. Many firewalls prevent these messages to prevent reconnaissance and dangerous attacks.

Simple Network Management Protocol (SNMP) - Answer An Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.

File Transfer Protocol Secure (FTPS) - Answer An FTP protocol that adds cryptographic encryption.

Secure Copy (SCP) - Answer Uses SSH to transfer files, but cannot list remote directories, remove files, or do anything else. Is a very bare protocol.

SSH File Transfer Protocol (SFTP) - Answer Uses SSH to create an FTP. Allows interactive commands such as creating directories, deleting directories, and deleting files.

nslookup - Answer A command that converts a domain (such as google.com) into an IP address.

Hypertext Transfer Protocol Secure (HTTPS) - Answer A connection over HTTP encrypted by TLS or SSL.

Transport Layer Security (TLS) - Answer An updated version of SSL. (But is still sometimes informally referred to as SSL.)

Secure Sockets Layer (SSL) - Answer The standard security cryptographic technology for establishing an encrypted link between a web server and a browser. Later replaced by TLS.

Network Attached Storage (NAS) - Answer A single storage device that provides network nodes with file-based shared storage through a connection. Requires lots of bandwidth.

Storage Area Network (SAN) - Answer A dedicated network of multiple nodes of storage devices that provides access to data storage. Requires lots of bandwidth.

Fiber Channel (FC) - Answer A high-speed network technology (commonly running at 1, 2, 4, 8, 16, 32, and 128 gigabit(s) per second rates) primarily used to connect computer data storage to servers.

Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.

Layer 4 (Transport) - Answer OSI Layer that provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.

Layer 5 (Session) - Answer OSI Layer that establishes, manages and terminates connections between applications.

Layer 6 (Presentation) - Answer OSI Layer that provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. Works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems.

Layer 7 (Application) - Answer OSI Layer that supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services.

Wired Equivalent Privacy (WEP) - Answer A security algorithm for IEEE 802.11 wireless networks. Has different levels of encryption. Uses static keys. Was later replaced because it became easy to crack in a few minutes.

Wi-Fi Protected Access (WPA) - Answer A security algorithm for IEEE 802.11 wireless networks. Every packet got a unique encryption key.

WPA2 - Answer A security algorithm for IEEE 802.11 wireless networks. Used AES to encrypt packets.

Lightweight Extensible Authentication Protocol (LEAP) - Answer An authentication protocol that only uses passwords. No certificates are used. It is based on MS-CHAP, which has some security holes.
Challenge-Handshake Authentication Protocol (CHAP) - Answer An authentication protocol where the server sends a challenge after receiving a request. If the requester responds with the correct hash-value, then the requester is authenticated.

MS-CHAP - Answer The Microsoft version of the Challenge-Handshake Authentication Protocol.

Protected Extensible Authentication Protocol (PEAP) - Answer Authentication protocol that uses EAP in a TLS tunnel.

"Security through obscurity" - Answer The term used to describe the reliance on the secrecy of the design as the main method of providing security for a system or component of a system. Ex. Only using MAC Address filtering or disabling SSID Broadcasting.

Service Set Identifier (SSID) - Answer The name of a wireless network which is seen by anyone who tries to search up nearby wireless networks.

Temporary Key Integrity Protocol (TKIP) - Answer This protocol provides the rotation of keys so that every single packet gets a different encryption key. WPA was built using this protocol.

CCMP - Answer An encryption protocol that offers more security than TKIP. Based on AES.

Captive Portal - Answer A web page that the user of a public-access network is obliged to view and interact with before access is granted.

Omnidirectional antenna - Answer An antenna that evenly distributes the signal across all sides so that everyone connecting has the same signal strength.

Directional antenna - Answer An antenna that distributes the signal to a single direction so that it can focus the signal where it needs the most signal strength.

National Institute of Standards and Technology (NIST) - Answer A measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce that creates technological standards.

False positive - Answer A false alarm from an IPS, IDS, anti-virus, and other anti-malware software.

False negative - Answer A malware that gets through defense such as IPS, IDS, anti-virus, and other anti-malware software without any alarm being raised.

Annualized Rate of Occurrence (ARO) - Answer The probability that a risk will occur in a particular year.

Single Loss Expectancy (SLE) - Answer The monetary value expected from an event of a risk on an asset.

Annual Loss Expectancy (ALE) - Answer The expected value of loss from a risk occurring. Found by multiplying ARO by SLE.

Business Impact Analysis (BIA) - Answer Analysis that examines the risk likelihood of every threat. Indicates what is critical, what can be impacted, how long it will be impacted, and how this risk will affect the business overall.