Secure Software Lifecycle Professional – CSSLP – Question239 - Secure Software Lifecycle Professional

Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
C. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
D. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)

Correct Answer: A

Explanation:

Explanation: Single Loss Expectancy is a term related to Risk Management and Risk Assessment. It can be defined as the monetary value expected from the occurrence of a risk on an asset. It is mathematically expressed as follows: Single Loss Expectancy (SLE) = Asset Value (AV) * Exposure Factor (EF) where the Exposure Factor is represented in the impact of the risk over the asset, or percentage of asset lost. As an example, if the Asset Value is reduced two thirds, the exposure factor value is .66. If the asset is completely lost, the Exposure Factor is 1.0. The result is a monetary value in the same unit as the Single Loss Expectancy is expressed. Answer: C, D, and B are incorrect. These are not valid formulas of SLE.