Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Major difference between a virus and a worm, Question: (a) State wheth...

Question: (a) State whether the following statements are TRUE or FALSE. Justify your answer. i. A good site security policy will require that users use computer generated p

Systems-specific policy (syssp), Systems-Specific Policy (SysSP) SysSP...

Systems-Specific Policy (SysSP) SysSPs are codified as standards and procedures which are used when configuring or maintaining systems. Systems specific policies fall into 2 g

How to create a security policy, Five years ago, Calgary Kids' Cloth Ltd wa...

Five years ago, Calgary Kids' Cloth Ltd was just a small retail store in downtown Calgary. The company started their own factory in SE Calgary to produce outdoor clothes for kids.

Illustrate about tinysec protocol, Illustrate about TinySec Protocol T...

Illustrate about TinySec Protocol TinySec is implemented on the link layer and addresses security requirements of the resource staffed nodes in the WSN based on the link layer

Research paper, how much would you charge for minimum 20 pages

how much would you charge for minimum 20 pages

Maximum transmission unit (mtu), Maximum Transmission Unit  (MTU) Eac...

Maximum Transmission Unit  (MTU) Each hardware method specification adds the definition of the maximum size of the frame data area, which is known the Maximum Transmission Uni

Cryptographic hash functions, (a) (i) Bob has public RSA key (n = 77, e...

(a) (i) Bob has public RSA key (n = 77, e = 7). Show that Bob's private key is (d = 43). (ii) Alice wants to send the message m = 13 to Bob. She encrypts the message usi

Direct indexing, DIRECT INDEXING It is less usually known method. It i...

DIRECT INDEXING It is less usually known method. It is possible only is cases where protocols address are given from a compact range. In the diagram below an example of direct

Compare and contrast between block and stream ciphers, Problem 1 Solve ...

Problem 1 Solve the following Caesar cipher by showing your working: EM KIUM EM AIE EM KWVYCMZML Problem 2 Compare and contrast between block and stream ciphers, listin

Explain the rsa algorithm, Question: (a) What is the minimum length of...

Question: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd