13.2.7 Section Quiz

You have conducted a risk analysis to protect a key company asset. You identify the following values: Asset value = 400 Exposure factor = 75 Annualized rate of occurrence = .25 What is the annualized loss expectancy (ALE)?

75

What is the average number of times that a specific risk is likely to be realized in a single year?

Annualized rate of occurrence

A file server with data is consider which of the following asset types?

Both tangible and intangible

When should a hardware device be replaced in order to minimize downtime?

Just before its MTBF is reached

What is the primary goal of business continuity planning?

Maintain business operations with reduced or restricted infrastructure capabilities or resources

A broken water pipe that floods the reception area would be considered which type of threat?

Natural

When analyzing assets, which analysis method assigns financial values to assets?

Quantitative

Which of the following terms describes the actual time required to successfully recover operations in the event of an incident?

Recovery time objective (RTO)

Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?

Residual risk

Which of the following best defines single loss expectancy (SLE)?

The total monetary loss associated with a single occurrence of a threat.