Security Risks: Performing Security Risk Assessments

IT Security    |    Beginner
  • 13 videos | 1h 35m 51s
  • Includes Assessment
  • Earns a Badge
The categorization of security risks is essential for effectively assessing and managing risk. In this course, you'll explore the assessment, classification, and prioritization of security risks. You'll begin by outlining the concept of risk assessment and the advantages of different risk assessment techniques. You'll also investigate the features of security assessment methods, such as vulnerability assessment and penetration testing, and discover how to assess security vulnerability. Moving on, you'll recognize the significance of risk categorization and how to update a risk register in Microsoft Excel using a four-quadrant risk classification matrix. Finally, you'll identify the purpose and process of risk prioritization, and the role of a probability-impact matrix in determining risk levels. You'll then investigate how to use the matrix to prioritize risks on a security risk register.


  • discover the key concepts covered in this course
  • define the concept, advantages, and activities of risk assessment
  • list different types of risk assessment
  • describe the characteristics of qualitative risk assessment along with its advantages and disadvantages
  • describe the characteristics of quantitative risk assessment along with its advantages and disadvantages
  • identify vulnerability assessment and penetration testing as security assessment methods
  • demonstrate security vulnerability assessment
  • outline risk categorization using the four-quadrant risk classification
  • illustrate how to update a risk register in Microsoft Excel
  • recognize the importance of prioritizing risks
  • outline the role of probability-impact matrix in prioritizing risks
  • demonstrate how to prioritize risks in a security risk register using a probability-impact matrix
  • summarize the key concepts covered in this course


  • 1m 43s
    In this video, you’ll learn more about the course and your instructor. In this course, you’ll learn to define risk assessment and its types. You’ll also learn about the qualitative and quantitative risk assessment methods, as well as security assessment methods such as vulnerability assessment and penetration testing. The course will also cover risk categorization methods. Finally, you’ll learn about the risk register and methods used to update it.
  • 14m 30s
    In this video, you’ll learn more about risk assessment. You’ll learn what it is and why it is important. You’ll discover that risk assessment is the validation of critical assets, their weaknesses, and their threats. Every organization must be aware of its assets. When there are assets, there are going to be threats related to them. What you need to figure out is what’s needed to mitigate these threats.
  • 3. Types of Security Risk Assessment
    4m 59s
    In this video, you’ll learn that risk assessment is essentially of two types, the qualitative method and the quantitative method. You’ll learn more about the characteristics of these risk assessment types. Both assess risks in different ways. You’ll discover there is no correct method to use; it simply depends on the organization.
  • 4. Characteristics of Qualitative Risk Assessment
    11m 18s
    In this video, you’ll learn more about qualitative risk assessment. You’ll learn it focuses on evaluating the value of assets and the impact of threats to these assets in different scenarios. This type of risk assessment doesn’t use the monetary value component of risk assessments. Instead, it looks at different risk possibility scenarios and ranks the threat seriousness using different grades such as low, medium, or high.
  • 5. Characteristics of Quantitative Risk Assessment
    8m 13s
    In this video, you’ll learn more about quantitative risk assessment. You’ll learn this is the complete opposite of qualitative risk assessment. You’ll learn quantitative risk assessment is objective. It gives you objective-based results, and it is considered difficult to use because you need to do a lot of calculations to successfully complete this risk assessment. It uses a data-intensive and scientific approach.
  • 6. Security Risk Assessment Methods
    9m 43s
    In this video, you’ll learn there are two different kinds of security assessment methods. You’ll discover one is the vulnerability assessment and the second one is penetration testing. A vulnerability assessment finds the vulnerabilities within an operating system or within an application. Penetration testing also helps find vulnerabilities, but it goes one step further. It exploits those vulnerabilities to figure out the amount of damage a vulnerability can cause.
  • 7. Assessing Security Vulnerability
    11m 45s
    In this video, you’ll watch a demo. You’ll see how to do a vulnerability scan. You’ll scan a vulnerable website. You’ll learn to use Kali Linux, which offers many vulnerability scanning applications. In this demo, you’ll use nikto. First, you’ll click on it and you’ll see the terminal window opens up. It will display the help file. This help file will provide you with several options. You’ll type in, and the vulnerability scanning starts.
  • 8. Categorizing Risk Using Four-quadrant Classification
    7m 27s
    In this video, you’ll learn more about risk. Risk can be classified into four different categories. These are known knowns, unknown knowns, unknown unknowns, and known unknowns. Each of these has a distinct definition, which you’ll delve into in this video. Depending on the type of risk you're dealing with, you’ll need to classify it into one of the categories.
  • 9. Updating a Security Risk Register in Microsoft Excel
    5m 3s
    In this video, you’ll learn more about updating the risk register. You’ll learn how to update the existing risk register you created in the Performing Security Risk Identification course. First, you’ll enter a new risk. You’ll enter a risk from a vulnerability scan that was performed on Kali Linux and found 1 warning. It also found 58 suggestions.
  • 10. Security Risk Prioritization
    5m 40s
    In this video, you’ll learn more about performing a risk prioritization. You’ll learn you need to find out which risks have high score values, which have medium score values, and which have low score values. You’ll discover this is the method that will help you define risk levels. You’ll learn you need to define critical risks first, and then move down to the least critical risks.
  • 11. Probability-impact Matrix for Risk Prioritization
    5m 38s
    In this video, you’ll learn more about the probability-impact matrix. You’ll learn it will help you prioritize risk using quantitative risk assessment. This matrix puts a number against probability. Then, it puts a number against the impact. Next, you’ll multiply both of these numbers to get the risk score. This will help you identify critical risks that need immediate attention. Risks with a high risk score are those that need immediate attention.
  • 12. Illustrating the Probability-impact Matrix
    8m 49s
    In this video, you’ll learn more about updating the risk register using probability-impact metrics. You’ll use the risk register from the video Creating a Security Risk Register in the course Performing Security Risk Identification. You’ll take that risk register and update it using probability-impact metrics. You’ll enter the risk scores based on the various risks and you’ll enter their probability and impact. Now you have a specific risk score for each.
  • 13. Course Summary
    1m 4s
    In this video, you’ll summarize what you learned in the course. You learned basic concepts of risk assessments. You explored the introduction to risk assessment, types of risk assessment, the qualitative risk assessment method, the quantitative risk assessment method, and security assessment methods. You also learned about vulnerability assessment, risk classification, updating a risk register, risk prioritization, and probability-impact matrix.


Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.