A calculation that simply compares the Annual Loss Expectancy against the expected savings from implementing a given control.

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Explanation:
This looks at the value of a security control by weighing how much loss you avoid each year against what you spend on the control. In risk terms, ALE (annual loss expectancy) is the expected yearly cost from a threat without the control, and the savings from the control are the yearly benefits you gain by reducing that risk. The measurement that captures how much you gain per unit of money spent is return on investment. ROI is essentially the ratio of the benefit (the savings) to the cost of the control, indicating whether you’re getting a worthwhile return. If the savings outweigh the cost, ROI is positive, meaning the investment makes sense; if not, it’s not worthwhile. Payback would focus on how long it takes to recover the initial outlay, which is a different calculation; magnitude of impact isn’t a calculation, and a compensative control is a type of control, not a metric.
