QUESTION: 49

An asset with a value of $600,000 is subject to a successful malicious attack threat twice a year. The asset has an exposure of 30 percent to the threat. What will be the annualized loss expectancy?

$360,000
$180,000
$280,000
$540,000

Answer(s): A

Explanation:

The annualized loss expectancy will be $360,000. Annualized loss expectancy (ALE) is the annually expected financial loss to an organization from a threat. The annualized loss expectancy (ALE) is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as follows:
ALE = Single Loss Expectancy (SLE) * Annualized Rate of Occurrence (ARO)
Here, it is as follows:
SLE = Asset value * EF (Exposure factor)
= 600,000 * (30/100)
= 600,000 * 0.30
= 180,000
ALE = SLE * ARO
= 180,000 * 2
= 360,000
Answers C, B, and D are incorrect. These are not valid answers.

Reveal Solution Next Question

QUESTION: 50

Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.

Editor
Custodian
Owner
User
Security auditor

Answer(s): B,C,D,E

Explanation:

The following are the common roles with regard to data in an information classification program: Owner Custodian User Security auditor The following are the responsibilities of the owner with regard to data in an information classification program: Determining what level of classification the information requires. Reviewing the classification assignments at regular time intervals and making changes as the business needs change. Delegating the responsibility of the data protection duties to the custodian. The following are the responsibilities of the custodian with regard to data in an information classification program: Running regular backups and routinely testing the validity of the backup data Performing data restoration from the backups when necessary Controlling access, adding and removing privileges for individual users The users must comply with the requirements laid out in policies and procedures. They must also exercise due care. A security auditor examines an organization's security procedures and mechanisms.

Reveal Solution Next Question

QUESTION: 51

Which of the following life cycle modeling activities establishes service relationships and message exchange paths?

Service-oriented logical design modeling
Service-oriented conceptual architecture modeling
Service-oriented discovery and analysis modeling
Service-oriented business integration modeling

Answer(s): A

Explanation:

The service-oriented logical design modeling establishes service relationships and message exchange paths. It also addresses service visibility and crafts service logical compositions.

Reveal Solution Next Question

QUESTION: 52

You have a storage media with some data and you make efforts to remove this data. After performing this, you analyze that the data remains present on the media. Which of the following refers to the above mentioned condition?

Object reuse
Degaussing
Residual
Data remanence

Answer(s): D

Explanation:

Data remanence refers to the data that remains even after the efforts have been made for removing or erasing the data. This event occurs because of data being left intact by an insignificant file deletion operation, by storage media reformatting, or through physical properties of the storage medium. Data remanence can make unintentional disclosure of sensitive information possible. So, it is required that the storage media is released into an uncontrolled environment.
Answers C and B are incorrect. These are the made-up disasters. Answer A is incorrect. Object reuse refers to reassigning some other object of a storage media that has one or more objects.

Reveal Solution Next Question

Free CSSLP Exam Braindumps (page: 13)

QUESTION: 49

Explanation:

QUESTION: 50

Explanation:

QUESTION: 51

Explanation:

QUESTION: 52

Explanation: