CompTIA Security Plus Mock Test Q387

Which of the following risk concepts requires an organization to determine the number of failures per year?

D. Quantitative analysis

Correct Answer: B
Section: Compliance and Operational Security

ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.

Incorrect Answers:
A: SLE is a monetary value, and it represents how much you expect to lose at any one time: the single loss expectancy. SLE can be divided into two components: AV (asset value) and
the EF (exposure factor).
C: The mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component. This measurement determines the component’s
anticipated lifetime.
D: Quantitative analysis is used to the show the logic and cost savings in replacing a server for example before it fails rather than after the failure.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 5, 8, 17