During a risk assessment, a security analyst needs to determine the anticipated percentage of loss that an asset would suffer if a particular vulnerability were to be exploited. Which metric should the analyst calculate to quantify this potential loss?
Exposure factor
Annualized loss expectancy
Financial loss ratio
Impact score