u/Deep_Butterfly1409

Here’s a Domain 5 scenario for today.

A company is evaluating the risk of a ransomware attack against a critical file server.

The security team estimates:

• Asset value: $200,000 • Exposure factor: 25% • Annualized rate of occurrence: 0.4

What is the Annualized Loss Expectancy?

A) $20,000 B) $50,000 C) $80,000 D) $200,000

Take a moment to calculate it before checking below.

 

 

 

 

 

 

 

 

 

 

 

 

Answer: A

Explanation: First calculate the Single Loss Expectancy:

SLE = Asset Value × Exposure Factor SLE = $200,000 × 0.25 = $50,000

Then calculate Annualized Loss Expectancy:

ALE = SLE × ARO ALE = $50,000 × 0.4 = $20,000

So the correct answer is A) $20,000.

Why the others don’t fit: B is the SLE, not the ALE. C incorrectly applies the ARO to the full asset value. D is the full asset value, not the expected annualized loss.

Here's a Domain 1 scenario for today.

A company transitions from a perimeter-based security model to zero trust. Which change would be MOST aligned with zero trust principles?

A) Removing all firewalls since perimeter security is no longer needed
B) Requiring continuous authentication and device health checks for all resource access
C) Allowing unlimited access for users once they pass initial authentication
D) Trusting all traffic from the corporate VPN

Take a moment to consider your answer before checking below.

 

 

 

 

 

 

 

 

 

 

 

 

Answer: B

Explanation:
Zero trust is built around “never trust, always verify.” The key idea is that access should be continuously evaluated based on identity, device health, context, and risk — not just granted once at login.

Why the others don’t fit: Removing firewalls is wrong because zero trust adds tighter controls; it doesn’t mean abandoning perimeter defenses. Unlimited access after login is the old “trust after authentication” model. Trusting all VPN traffic also violates zero trust because network location alone should not make something trusted.