Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Determine the functions of security components, You are designing a Demilit...

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

encrypt and decryption using rsa with the prime numbers, Problem (1) -...

Problem (1) - Alice, Bob and Charlie have a secret key a=3, b=4, c=5, respectively. - They want to find a common secret key using Diffie-Hellan key exchange protocol (with g

Biology, Ask question #Minimum 100 words are there non parasitic v...

Ask question #Minimum 100 words are there non parasitic viruses

Ids deployment overview, IDS Deployment Overview The decision regarding ...

IDS Deployment Overview The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should s

Illustrate the term file carving, QUESTION (a) Illustrate the term fil...

QUESTION (a) Illustrate the term file carving. (b) What are the basic three main techniques for image steganography? (c) Distinguish between vector graphics and raster

Ip datagram header format, IP DATAGRAM HEADER FORMAT:  It is given in...

IP DATAGRAM HEADER FORMAT:  It is given in the figure below:   In the table: VERS denotes the version of IP. H.LEN denotes the header length in units of

Pcm encoder, You have been asked to setup a remote temperature sensing syst...

You have been asked to setup a remote temperature sensing system for an electric furnace. The system consists of a sensor unit which feeds an analogue signal to a PCM encoder. The

TCP/IP v OSI, What are the main differences between TCP/IP vs OSI?

What are the main differences between TCP/IP vs OSI?

What you understand by the term brute force attack, Question: a) Expla...

Question: a) Explain what you understand by the term brute force attack, giving an example of such an attack b) Briefly outline the concept of Caesar cipher and identify a

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd