CompTIA Security+ SY0-701 Practice Question
As part of a comprehensive risk management process, your organization is conducting a qualitative risk analysis. The team must evaluate potential threats to the confidential client information stored in your database. Which approach best captures the concerns of various stakeholders, including customer service, IT, and executive management, towards the risks associated with the stored client information?
Limit the analysis to the IT department, as they have the technical knowledge about the database security.
Use automated scanning tools to identify vulnerabilities in the database and rank them based on the frequency of occurrence.
Hold structured brainstorming sessions with representatives from customer service, IT, and executive management.
Ask the executive management to decide on the risks since they have the highest stake in company reputation and finances.