SPIPC SPeD Final State Exam Questions with Verified Answers

Security Program Integration Professional Certification (SPIPC) Exam What is the purpose of the asset assessment step of the risk management process? - CORRECT ANSWER-• Identify assets requiring protection and/or that are important to the organization and to national security • Identify undesirable events and expected impacts • Prioritize assets based on consequences of loss What is the purpose of the threat assessment step of the risk management process? - CORRECT ANSWER-• Determine threats to identified assets • Assess intent and capability of identified threats • Assess current threat level for the identified assets What is the purpose of the vulnerability assessment step of the risk management process? - CORRECT ANSWER-• Identify existing countermeasures and their level of effectiveness in reducing vulnerabilities • Identify potential vulnerabilities related to identified assets and their undesirable events • Identify current vulnerability level for the identified assets that can be exploited by the identified threats What is the purpose of the risk assessment step of the risk management process? - CORRECT ANSWER-• Integrate information about the impact of undesirable events (collected during the asset assessment step) and the likelihood of undesirable events (based on information collected during the threat and vulnerability assessment steps) to determine risks to identified assets What is the purpose of the countermeasure determination step of the risk management process? - CORRECT ANSWER-• Identify potential countermeasures to reduce vulnerability and/or threat and/or impact • Identify countermeasure benefits in terms of risk reduction • Identify countermeasure costs • Conduct cost/benefit analysi