Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Calculate alpha and beta value caesar cipher, Task 1 a. Consider the t...

Task 1 a. Consider the table showing the relative frequencies of letters in English. Arrange the frequencies from largest to smallest, and make a cumulative plot, using Exc

Layering, ADDRESS RESOLUTION AND PROTOCOL ADDRESSES Address resolution...

ADDRESS RESOLUTION AND PROTOCOL ADDRESSES Address resolution (ARP) is a network interface layer protocol. Protocol addresses are used in all upper layers. Address resolution s

Develop a preliminary simulation model, Question: (a) State the strong ...

Question: (a) State the strong law of large numbers. (b) Data have been collected on response times (in minutes) at a fire station. The data are 2:7 1:8 0:8 1:4 1:2 (i

Cloud computing security infrastructure, i want to know about cloud computi...

i want to know about cloud computing server security infrastructure development process

Describe how the encapsulated security header protocol, Question: (a) ...

Question: (a) Give 2 benefits of using IPsec. (b) IPSec uses two protocol for security: Authentication Header protocol (AH) and the Encapsulated Security Header Protocol (

Steganography-cryptography, Steganography It is a process of hiding info...

Steganography It is a process of hiding information in use for a long time. Most popular modern version of this process hides information within files appearing to contain digit

Define bridges, Bridges perform both in the data link layers and physical...

Bridges perform both in the data link layers and physical of LANs of same kind. They split a bigger network in to smaller segments. They have logic that accept them to store the

E-commerce, briefly expslain type of e-commerce

briefly expslain type of e-commerce

Netfilter firewall, Netfilter Firewall Netfilter is the popular name f...

Netfilter Firewall Netfilter is the popular name for the packet filtering system installed by default in the Linux kernel. The filtering system can be used as a very effective

Pinging a web server, Ask quIf you are pinging a web server from a user’s c...

Ask quIf you are pinging a web server from a user’s client PC, how might the statistical information provided by ping be useful to you?estion #Minimum 100 words accepted#

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd