# Use Calculator in CISSP

Member Posts: 19 ■■■□□□□□□□
in (ISC)²
Hi,

is it allow to use a computer calculator during the CISSP exam?

sometimes there are questions to calculate the SLE and ALE.

Thank you

• MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,840 Admin
Those questions are simple, pencil-and-paper arithmetic and you really don't need a calculator. Here's the basics that I've taught:

Asset Value (AV) is the cost to restore, repair, or replace the entire asset, or to return the asset to full operation.
AV is a dollar value, such as \$5000.

Exposure Factor (EF) is the percentage of an asset loss caused by the realization of a threat. Loss may be physical damage or operational time.
EF ranges from 0 to 100% (0.00 to 1.00).

Annualized Rate of Occurrence (ARO) is the number of times a threat may be realized (occur) per year.
ARO formulas:
Once per year = 1
More than once per year = 1 x number of occurrences
Less than once per year = 1 / number of occurrences
ARO examples:
15 times per year = 1 x 15 = 15
Once every 15 years = 1 / 15 = 0.06666667

Single Loss Expectancy (SLE) is the estimated cost of repairing, restoring, or replacing an asset that has experienced loss from a threat once.
SLE formula: SLE = AV x EF
SLE example: \$4000 = \$10000 x 0.40

Annualized Loss Expectancy (ALE) is the estimated cost of repairing, restoring, or replacing an asset that has experienced loss from a threat per year.
ALE formula: ALE = SLE x ARO
ALE examples:
\$4K asset three times per year: \$12000 = \$4000 x 3.0
\$4K asset every three years: \$1333.32 = \$4000 x 0.33333

• Member Posts: 1,747 ■■■■■■■■■□
A calculator is not allowed, but if I remember correctly there is a calculator function within the exam interface. I know GIAC does that at least.
Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

2020 goals: AZ-900, AZ-500, GDSA, ITILv4

"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
• Member Posts: 19 ■■■□□□□□□□
thank you very much for your reply, I did the exam this week and i have successfully passed the exam.
• Member Posts: 1,747 ■■■■■■■■■□
Congratulations!

Did you need a calculator?
Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

2020 goals: AZ-900, AZ-500, GDSA, ITILv4

"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
• Member Posts: 19 ■■■□□□□□□□
Thank you,

No