Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
Quantitative risk analysis
|
Assigning monetary and numeric values to
all the data elements of a risk assessment. |
|
Qualitative risk analysis
|
Opinion-based method of analyzing risk
with the use of scenarios and ratings |
|
Single loss expectancy
|
One instance of an expected loss if a specific
vulnerability is exploited and how it affects a single asset |
|
Asset Value ×
Exposure Factor = SLE |
Formula for SLE
|
|
Annualized loss expectancy
|
Annual expected loss if a specific
vulnerability is exploited and how it affects a single asset |
|
SLE × ARO = ALE
|
Formula for ALE
|
|
Uncertainty analysis
|
Assigning confidence level values to data elements
|
|
Delphi method
|
Data collection method that happens in an
anonymous fashion. |
|
Cost/benefit analysis
|
Calculating the value of a control
|
|
Functionality versus effectiveness of control
|
Functionality is what a
control does, and its effectiveness is how well the control does it. |
|
Total risk
|
Full risk amount before a control is put into place
|
|
Residual risk
|
Risk that remains after implementing a control
|
|
Accept, transfer, mitigate, avoid.
|
Methods for handling risk
|
|
Threats
× vulnerabilities × assets × (control gap) = residual risk |
Formula for residual risk
|
|
Threats
× vulnerabilities × assets = total risk. |
Formula for total risk
|