NCAE Mapping Hub Authoritative cross-reference for DCWF, NCAE Knowledge Units, O*NET, and the EWU Cyber Operations program

Security+ · 1.0 General Security Concepts

Risk assessment

The process of identifying assets, threats, vulnerabilities, and impact, then quantifying risk as (likelihood × impact). Output: a ranked list of what to protect first.

How this shows up at NCAE

The points-per-tick ranking on this site IS a competition-time risk assessment. SMB Login downtime has higher impact (3× weight) than Router ICMP (1×), so you mitigate SMB first.