Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
DSS emphasizes flexibility in the decision-making approach of users.
It is aimed at solving less structured problems, combines the use of models and analytic techniques with traditional data access and retrieval functions and supports semi-structured decision-making tasks.
DSS is sometimes referred to as the Delphi Method or Delphi Technique: The Delphi technique is a group decision method used to ensure that each member gives an honest opinion of what he or she thinks the result of a particular threat will be.
This avoids a group of individuals feeling pressured to go along with others thought processes and enables them to participate in an independent and anonymous way.
Each member of the group provides his or her opinion of a certain threat and turns it in to the team that is performing the analysis.
The results are compiled and distributed to the group members, who then write down their comments anonymously and return them to the analysis group.
The comments are compiled and redistributed for more comments until a consensus is formed.
This method is used to obtain an agreement on cost, loss values, and probabilities of occurrence without individuals having to agree verbally.
Here is the ISC2 book coverage of the subject: One of the methods that uses consensus relative to valuation of information is the consensus/modified Delphi method.Participants in the valuation exercise are asked to comment anonymously on the task being discussed.
This information is collected and disseminated to a participant other than the original author.
This participant comments upon the observations of the original author.
The information gathered is discussed in a public forum and the best course is agreed upon by the group (consensus)
EXAM TIP: The DSS is what some of the books are referring to as the Delphi Method or Delphi Technique.
Be familiar with both terms for the purpose of the exam.
The other answers are incorrect: 'DSS is aimed at solving highly structured problems' is incorrect because it is aimed at solving less structured problems.
'DSS supports only structured decision-making tasks' is also incorrect as it supports semi-structured decision-making tasks.
'DSS combines the use of models with non-traditional data access and retrieval functions' is also incorrect as it combines the use of models and analytic techniques with traditional data access and retrieval functions.
Reference(s) used for this question: Harris, Shon (2012-10-25)
CISSP All-in-One Exam Guide, 6th Edition (p.
91)
McGraw-Hill.
Kindle Edition.
and Schneiter, Andrew (2013-04-15)
Official (ISC)2 Guide to the CISSP CBK, Third Edition : Information Security Governance and Risk Management ((ISC)2 Press) (Kindle Locations 1424-1426)
Auerbach Publications.
Kindle Edition.
A decision support system (DSS) is a computer-based tool that helps users make informed and effective decisions. One of the main applications of DSS is in the area of Threats and Risks Analysis. A DSS can be used to analyze potential threats and risks to an organization, and provide recommendations for mitigating or avoiding those risks.
Out of the options provided, the most appropriate characteristic of a DSS in regards to Threats and Risks Analysis is:
D. DSS combines the use of models with non-traditional data access and retrieval functions.
Explanation:
A. DSS is aimed at solving highly structured problems. This option is not a characteristic of a DSS in the context of Threats and Risks Analysis. Threats and Risks Analysis is a complex, unstructured problem that requires the analysis of a vast amount of data from various sources. While DSS is designed to help users solve problems, it is not limited to highly structured problems.
B. DSS emphasizes flexibility in the decision making approach of users. This option is not a characteristic of a DSS in the context of Threats and Risks Analysis. While flexibility is an important characteristic of a DSS, it is not specific to Threats and Risks Analysis. Flexibility allows users to adjust their decision-making approach to suit their needs, but it does not directly relate to the analysis of threats and risks.
C. DSS supports only structured decision-making tasks. This option is not a characteristic of a DSS in the context of Threats and Risks Analysis. Threats and Risks Analysis is an unstructured problem that requires the analysis of complex and diverse data from multiple sources. DSS is designed to support both structured and unstructured decision-making tasks.
D. DSS combines the use of models with non-traditional data access and retrieval functions. This option is the most appropriate characteristic of a DSS in regards to Threats and Risks Analysis. DSS combines the use of models (such as statistical models, predictive models, and simulation models) with non-traditional data access and retrieval functions (such as data mining, web mining, and text mining) to help users analyze threats and risks. Models provide a structured approach to analyzing data, while non-traditional data access and retrieval functions allow users to analyze diverse data from various sources. This combination of models and non-traditional data access and retrieval functions makes DSS an effective tool for Threats and Risks Analysis.
In conclusion, the characteristic of a DSS in regards to Threats and Risks Analysis is that it combines the use of models with non-traditional data access and retrieval functions.