Chapter 17

Question 1

PIA (Privacy Impact Assessment)`

Answer 1

Determines how an organization collects, processes, stores, and shares PII (Personally Identifiable Information).

Question 2

AV (Asset Value)

Answer 2

The cost to acquire, replace or the depreciated cost of an asset.

Question 3

ARO (Anuualized Rate of Occurrence)

Answer 3

The number of times the risk is expected to occur each year.

Question 4

EF (Exposure Factor)

Answer 4

Determines the amount of damage that will occur to the asset if the risk materializes.

Question 5

ALE (Annualized Loss Expectancy)

Answer 5

The amount of damage expected from a risk each year. Calculated by multiplying the SLE and the ARO

Question 6

SLE (Single Loss Expectancy)

Answer 6

The amount of financial damage expected each time a risk materializes. Calculated by multiplying the AV by the EF.

Question 7

MTBF (Mean Time Between Failures)

Answer 7

The expected amount of time that will elapse between system failures.

Question 8

MTTR (Mean Time to Repair)

Answer 8

The average amount of time to restore a system to its normal operating state after a failure.

Question 9

RTO (Recovery Time Objective)

Answer 9

The a mount of time that the organization can tolerate a system being down before it is repaired.

Question 10

RPO (Recovery Point Objective)

Answer 10

The amount of data that the organization can tolerate losing during an outage.