Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Calculate the total latency, Question (a) Inspect the following ifconfi...

Question (a) Inspect the following ifconfig output of an IPv6 interface: i. What is the hidden Hardware Address of the interface on Line #1? ii. What is the hidden subn

Transmission errors in networking, TRANSMISSION ERRORS:  Transmission...

TRANSMISSION ERRORS:  Transmission exceptions may happen due to different causes for example power surges or interference may delete data during transmission. In result of wh

Explain about structure of management information, Question 1 a) What is a...

Question 1 a) What is a NMS? Question 2 Explain about Structure of Management Information Question 3 A)In which UDP port number does a protocol entity receive message?

Security policies, implementing password policy in organisation

implementing password policy in organisation

Firewall architectures-screened subnet architecture, Screened Subnet Archit...

Screened Subnet Architecture This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network f

The cost benefit analysis (cba) formula, The Cost Benefit Analysis (CBA) Fo...

The Cost Benefit Analysis (CBA) Formula CBA determines that whether the control alternative being evaluated is worth cost incurred to control vulnerability or not. CBA easily ca

Cyber troll case, According to the case, The EZ Company introduced a new te...

According to the case, The EZ Company introduced a new technology, focusing on the principles of informationintegration and visualization. The company started negotiatinga saleto a

Categories of controls-risk management, Categories of Controls Controlli...

Categories of Controls Controlling risk through mitigation, avoidance or transference is accomplished by implementing controls. There are 4 effective approaches to select the co

What is the major security flaw of set, QUESTION (a) Discuss why it is ...

QUESTION (a) Discuss why it is considered more secure to use the SET (Secure Electronic Transaction) for e-commerce instead of using SSL (b) Describe how the dual signature

Hypothetical reliable data transfer protocol, Hypothetical reliable data tr...

Hypothetical reliable data transfer protocol: A jumping window based Go-back-N  ARQ protocol for file transfer using UDP as the transport protocol: In this protocol, a window o

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd