Which of the following risk concepts requires an organization to determine the number of failures per year?
A. SLE B. ALE C. MTBF D. Quantitative analysis
Correct Answer: B Section: Compliance and Operational Security
Explanation:
ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.
Incorrect Answers:
A: SLE is a monetary value, and it represents how much you expect to lose at any one time: the single loss expectancy. SLE can be divided into two components: AV (asset value) and
the EF (exposure factor).
C: The mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component. This measurement determines the component’s
anticipated lifetime.
D: Quantitative analysis is used to the show the logic and cost savings in replacing a server for example before it fails rather than after the failure.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 5, 8, 17
http://www.ciscopress.com/articles/article.asp?p=1998559&seqNum=2