Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Udp communication semantics, UDP COMMUNICATION SEMANTICS:  UDP needs I...

UDP COMMUNICATION SEMANTICS:  UDP needs IP for all delivery, that is, similar best effort delivery as IP. To use UDP, an application have to either be immune to the causes or

Ciphertext, Encode the following plaintext, using the Caesar cipher: ...

Encode the following plaintext, using the Caesar cipher: LORD OF THE RINGS b) The following ciphertext jw njbh lxmn cx kanjt has been encoded using a

Udp encapsulation, UDP ENCAPSULATION As given in the figure below, UDP...

UDP ENCAPSULATION As given in the figure below, UDP packet is included in IP datagram and the IP datagram is then attached in the Frame.

Electronic mail, Electronic Mail: Electronic mail which is famous as e-...

Electronic Mail: Electronic mail which is famous as e-mail, as it is known to its number of users, has been around for more than two decades. Before 1990, it was mainly used in

CNSS, Assume that a security model is needed for the protection of informat...

Assume that a security model is needed for the protection of information in your class. Using the CNSS model, examine each of the cells and write a brief statement on how you would

Functional areas in network management, Question 1 a) Explain how CSMA...

Question 1 a) Explain how CSMA/CD works. b) Describe the term "exponential back-off". c) Describe the differences between "circuit switching" and "packet switching". d) Th

Public key cryptography encryption, What do you understand by the term encr...

What do you understand by the term encryption? Also describe the public key cryptography Encryption: Encryption is a method of converting plain text into cipher text. Using thi

Describe the function of a tap in wmns, Question: (a) A Wireless Mesh N...

Question: (a) A Wireless Mesh Network (WMN) is a communications network made up of radio nodes organized in a mesh topology. i. Describe the function of a TAP in WMNs. ii.

Bus topology, In BUS topology every computer is directly connected to p...

In BUS topology every computer is directly connected to primary network cable in a single way. Bus networks are the easiest way to connect multiple users, but can have problems

What do you understand by the concept web of trust, Question: a) Name ...

Question: a) Name a method to allow a person to send a confidential email to another person, without risks of a third-party reading the email. Describe briefly the operations

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd