CompTIA Security Plus Mock Test Q381

Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO).

A. DAC
B. ALE
C. SLE
D. ARO
E. ROI

Correct Answer: B,C
Section: Compliance and Operational Security

Explanation:
ALE (Annual Loss Expectancy) is equal to the SLE (Single Loss Expectancy) times the annualized rate of occurrence. SLE (Single Loss Expectancy) is equal to asset value (AV) times exposure factor (EF).

Incorrect Answers:
A: DAC is short for Discretionary Access Control which allows some information sharing flexibility capabilities within the network.
D: ARO (annualized rate of occurrence) is the frequency (in number of years) that an event can be expected to happen.
E: ROI (Rate Of Investment) is the benefit (return) of an investment is divided by the cost of the investment; the result is expressed as a percentage or a ratio.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 5-6