Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

• A.SLE = Asset Value (AV) * Exposure Factor (EF)
• B.SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
• C.SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
• D.SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)

Comment: *

Name: *

Email: *

Verification: *

The build environment of secure coding consists of some tools that actively support secure specification, design, and implementation. Which of the following features do these tools have? Each correct answer represents a complete solution. Choose all that apply.

• A.They decrease the exploitable flaws and weaknesses.
• B.They reduce and restrain the propagation, extent, and damage that have occurred by insecure software behavior.
• C.They decrease the attack surface.
• D.They employ software security constraints, protections, and services.
• E.They decrease the level of type checking and program analysis.

Comment: *

Name: *

Email: *

Verification: *

Which of the following test methods has the objective to test the IT system from the viewpoint of a threat- source and to identify potential failures in the IT system protection schemes?

• A.Security Test and Evaluation (ST&E)
• B.Penetration testing
• C.Automated vulnerability scanning tool
• D.On-site interviews

Comment: *

Name: *

Email: *

Verification: *

Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system?

• A.Phase 4
• B.Phase 3
• C.Phase 1
• D.Phase 2

Comment: *

Name: *

Email: *

Verification: *

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

• A.Anonymous
• B.Mutual
• C.Multi-factor
• D.Biometrics

Comment: *

Name: *

Email: *

Verification: *