What does the other 20 percent represent?

Based on quantitative calculations, the company has determined that by implementing a better firewall, they will reduce their risk exposure by 80 percent.
What does the other 20 percent represent?

Based on quantitative calculations, the company has determined that by implementing a better firewall, they will reduce their risk exposure by 80 percent.
What does the other 20 percent represent?

A.
Single loss expectancy

B.
Annualized loss expectancy

C.
Residual risk

D.
Vulnerability percentage

Explanation:
No security solution is 100 percent effective. After a countermeasure is applied to
reduce risk, the risk is adjusted down accordingly. The remaining risk left after
the countermeasure is applied is referred to as residual risk. Annualized loss
expectancy is the gross calculated cost of the company’s risk exposure calculated
for one year. It is made up of the single loss expectancy multiplied by the
annualized rate of occurrence. The single loss expectancy is made up of the asset
value multiplied by the calculated exposure factor. There is no such thing as a
vulnerability percentage.



Leave a Reply 0

Your email address will not be published. Required fields are marked *