Free CompTIA Security+ SY0-601 Practice Question

A Quantitative risk assessment is the correct answer as it involves calculating the potential impact in monetary terms, which is done by assigning monetary values to assets and estimating the cost associated with the loss of those assets. This type of assessment is most effective when a financial quantification of risks is needed. Qualitative risk assessments, while useful, do not provide numeric monetary values but rather rely on scenarios and subjective evaluations of impact and likelihood. Semi-quantitative assessments offer a middle-ground, using numeric values to represent qualitative data but do not provide the detailed financial analysis that quantitative assessments do. Likelihood assessments focus on the probability of occurrence and do not inherently measure financial impact.