Use Calculator in CISSP

maktoummaktoum Member Posts: 19 ■■■□□□□□□□
Hi, 

is it allow to use a computer calculator during the CISSP exam?

sometimes there are questions to calculate the SLE and ALE.

Thank you

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,840 Admin
    Those questions are simple, pencil-and-paper arithmetic and you really don't need a calculator. Here's the basics that I've taught:

    Asset Value (AV) is the cost to restore, repair, or replace the entire asset, or to return the asset to full operation.
    AV is a dollar value, such as $5000.

    Exposure Factor (EF) is the percentage of an asset loss caused by the realization of a threat. Loss may be physical damage or operational time.
    EF ranges from 0 to 100% (0.00 to 1.00).

    Annualized Rate of Occurrence (ARO) is the number of times a threat may be realized (occur) per year.
    ARO formulas:
      Once per year = 1
      More than once per year = 1 x number of occurrences
      Less than once per year = 1 / number of occurrences
    ARO examples:
      15 times per year = 1 x 15 = 15
      Once every 15 years = 1 / 15 = 0.06666667

    Single Loss Expectancy (SLE) is the estimated cost of repairing, restoring, or replacing an asset that has experienced loss from a threat once.
    SLE formula: SLE = AV x EF
    SLE example: $4000 = $10000 x 0.40

    Annualized Loss Expectancy (ALE) is the estimated cost of repairing, restoring, or replacing an asset that has experienced loss from a threat per year.
    ALE formula: ALE = SLE x ARO
    ALE examples:
      $4K asset three times per year: $12000 = $4000 x 3.0
      $4K asset every three years: $1333.32 = $4000 x 0.33333


  • E Double UE Double U Member Posts: 1,747 ■■■■■■■■■□
    A calculator is not allowed, but if I remember correctly there is a calculator function within the exam interface. I know GIAC does that at least. 
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

    2020 goals: AZ-900, AZ-500, GDSA, ITILv4

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • maktoummaktoum Member Posts: 19 ■■■□□□□□□□
    thank you very much for your reply, I did the exam this week and i have successfully passed the exam.
  • E Double UE Double U Member Posts: 1,747 ■■■■■■■■■□
    Congratulations!

    Did you need a calculator? 
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

    2020 goals: AZ-900, AZ-500, GDSA, ITILv4

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • maktoummaktoum Member Posts: 19 ■■■□□□□□□□
Sign In or Register to comment.