Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Write a note on digital signature, Question 1 Explain the types of threats...

Question 1 Explain the types of threats (Attacks) Question 2 What are the Characteristics of Good Encryption Technique? Question 3 Write a note on Digital Signatur

Important features of application layer, Describe the important features of...

Describe the important features of application layer. The features of the application layer are as follows. 1. Efficient User Interface Design is explained below: Appli

Define the term enterprise network, a) Define the term "Enterprise Network"...

a) Define the term "Enterprise Network". b) Briefly discuss the similarity and differences between a switch and a router. c) A company XYZ has been renting the 1 st Floor of

What is meant by certificate revocation, QUESTION (a) Which PKI (Public...

QUESTION (a) Which PKI (Public Key Infrastructure) model is typically favored by business organization? (b) Give one possible use of the "extensions" field of an X.509 certi

Bus topology, BUS TOPOLOGY In a bus topology all devices are attached ...

BUS TOPOLOGY In a bus topology all devices are attached to a single long cable and any device can send data to any other device. For this function, coordination is needed to d

Calculate the false rejection, Divide the user data into 6 equal sets. Use ...

Divide the user data into 6 equal sets. Use the first set for the enrollment phase of your system, and the rest for the verification phase. Use the following formula to calculate t

Local talk, LOCAL TALK Apple discovered the LAN technology that uses b...

LOCAL TALK Apple discovered the LAN technology that uses bus topology. Its interface is added with all Macintosh computers. It has very low speed i.e. 230.4Kbps. Also it is ch

Risk determination, Risk Determination For purpose of relative risk asse...

Risk Determination For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an elem

Udp datagram format, UDP DATAGRAM FORMAT: It is given in the figure be...

UDP DATAGRAM FORMAT: It is given in the figure below:

Digital signatures, Digital Signatures Digital Signatures are encrypted ...

Digital Signatures Digital Signatures are encrypted messages which can be proven mathematically to be authentic. These are created in response to rising requirement to verify in

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd