Rate of Occurrence (ARO).
            625- The dollar value of the loss is known as Single Loss Expectancy (SLE).

            626- Multiplying ARO and SLE gives a value of Annual Loss Expectancy (ALE).

            627- The formula for calculating the loss resulting from a risk is ALE=ARO x SLE.



            Threat identification

            628- Identification of risks leads to identification of possible threats to a system.
            629- Threats include incidents involving vandalism, theft of equipment or data, and physical or

            software intrusions.
            630- Appropriate steps should be taken to avoid potential threats.



            Vulnerabilities

            631- Vulnerability is defined as the weakness of a system.

            632- It can lead to exposure of critical and confidential information.
            633- Vulnerabilities can lead to internal malicious activities or even outside security attacks.

            634- Every software application and all hardware devices are vulnerable if not configured and
            secured properly.

            635- Vulnerability↔Threat↔Risk


















            Resources:


            1-Security+ MS Press

            2-Security+ Sybex

            3-Security+ Syngress

            4-Security+ Mc Graw Hill








                   www.hrnikkhah.com                        by :  Hamid  Reza  Nikkhah                 Page 35