An organization that needs to understand vulnerabilities and threats needs to perform a: a. Penetration test b. Business impact analysis c. Qualitative risk assessment d. Quantitative risk assessment...

An organization that needs to understand vulnerabilities and threats needs to perform a:

a. Penetration test

b. Business impact analysis

c. Qualitative risk assessment

d. Quantitative risk assessment

A risk manager has performed a risk analysis on a server that is worth $120,000. The risk manager has determined that the single loss expectancy is $100,000. The exposure factor is:

a. 83%

b. 1.2

c. 80%

d. 120%