Safeguards, security controls, and countermeasures will primarily reduce risk through a reduction in the potential rate of compromise (i.e., ARO). However, some safeguards will also reduce the amount or severity of damage (i.e., EF). For those safeguards that only reduce the ARO, the amount of loss of a single realized event (i.e., SLE) is the same with or without the safeguard. ---- Official CISSP Guide 9th Edition ---- Cost vs. Benefit Analysis.
We cannot reduce Likelihood but we can have mindset to reduce the impact ---- I am confused. The whole idea of Risk Assessment is to reduce the ARO (Likelihood) in first place to acceptable level. That is I know.
Thank you @Prabh Nair- Your this video series really helped me for last day Domains revision. Passed CISSP today :)
Prabh Prabh Prabh … amazing 🤩
Very excellent, needs all CISSP videos...
Great Explanation and it was an amazing video. I loved watching all your CISSP videos.
Very helpful information 🙏
Great Explanation Nair..thanks
Amazing Prabh. the way you explain with examples is really amazing. please keep up with the good work. Thanks
Wonderfull explanation prabh
This is an amazing series Prabh, thank you for your hard work. Regards.
Very explained!
Safeguards, security controls, and countermeasures will primarily reduce risk through a reduction in the potential rate of compromise (i.e., ARO). However, some safeguards will also reduce the amount or severity of damage (i.e., EF). For those safeguards that only reduce the ARO, the amount of loss of a single realized event (i.e., SLE) is the same with or without the safeguard. ---- Official CISSP Guide 9th Edition ---- Cost vs. Benefit Analysis.
Very good video Prabh
Thread Modeling happens in Design phase or Development phase. CBK 6 says development phase. pls confirm
is this last part of domain 1 theory?
Man you are great, I wish to do CISM after I pass the CISSP. I wonder if you run a CISM training program, I would like to subscribe.
Hi , course price how much
We cannot reduce Likelihood but we can have mindset to reduce the impact ---- I am confused. The whole idea of Risk Assessment is to reduce the ARO (Likelihood) in first place to acceptable level. That is I know.
Aro and ale all quantitative assessment
Risk Assessment is sum of (identifying , Analysis and Evaluation risk)