Vulnerability Assessment: Assessing Facility Vulnerability | SSCP Exam Preparation

Facility Vulnerability Assessment

Prev Question Next Question

Question

The "vulnerability of a facility" to damage or attack may be assessed by all of the following except:

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

D.

Source: The CISSP Examination Textbook- Volume 2: Practice by S.

Rao Vallabhaneni.

The vulnerability of a facility refers to the level of risk that the facility is exposed to when it comes to potential damage or attacks. Assessing the vulnerability of a facility is an essential step in developing a security plan for the facility. It involves identifying the weaknesses or gaps in the facility's security and taking steps to mitigate or eliminate them.

There are several ways to assess the vulnerability of a facility, including inspection, history of losses, security controls, and security budget. Let's discuss each of these options in detail and explain why one of them is not an appropriate method for assessing vulnerability.

  1. Inspection: A physical inspection of the facility is a common method for assessing its vulnerability. The inspection includes a review of the physical security measures in place, such as access control, surveillance, and alarms. This method can help identify weaknesses in the facility's security that need to be addressed.

  2. History of losses: Another way to assess a facility's vulnerability is to look at its history of losses. This includes incidents such as thefts, burglaries, and vandalism. By analyzing this information, security administrators can identify patterns and trends that may indicate areas of weakness in the facility's security.

  3. Security controls: The security controls that are in place can also be used to assess a facility's vulnerability. This includes measures such as access control, surveillance, and alarms. By reviewing these controls, security administrators can identify areas that need improvement or enhancement.

  4. Security budget: The security budget refers to the financial resources that are allocated for security measures. While it may seem logical to assume that a facility with a higher security budget is less vulnerable to attacks, this is not necessarily the case. The budget alone does not provide an accurate picture of the facility's vulnerabilities.

Therefore, the correct answer to the question is D, security budget, as it is not an appropriate method for assessing the vulnerability of a facility. While the budget is an important factor in implementing security measures, it does not provide a complete picture of the facility's vulnerabilities. The other three methods, inspection, history of losses, and security controls, are all effective ways to assess the vulnerability of a facility.