Question

Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which of the following steps would come first?

A. Determine Likelihood
B. Determine Impact
C. Identify Threats
D. Identify Vulnerabilities

Answer 1

The first step in the standard process proposed by NIST for conducting a cybersecurity risk assessment is to identify threats.

Step-by-step explanation:

If Ben chooses to follow the standard process proposed by NIST for conducting a cybersecurity risk assessment, the first step would be to Identify Threats. This involves analyzing and identifying potential threats that could exploit vulnerabilities in the organization's network. Once the threats are identified, Ben can then proceed to the next steps of the risk assessment process, which include determining the impact and likelihood of each threat, and identifying vulnerabilities.