Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Types of errors detection in crc , CRC can detect the following errors bett...

CRC can detect the following errors better than check sums. a) Vertical errors b) Burst errors a) VERTICAL ERRORS:  This kind of error happens due to a hardware fai

Md Fayzul karim, How can I get help for Linux automotion configuration (...

How can I get help for Linux automotion configuration (Network, virtualization, security and Firewal etc) with bash scrip. What is the charge for.

Explain major differences between wpa and wpa2, Question: Suppose the f...

Question: Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could

Limitations of ethical dilemma, The best results obtained in the PIIT class...

The best results obtained in the PIIT classes have been when the technique has been used in tutorial groups, rather than have students submit individual reflections on particular c

Steganography-cryptography, Steganography It is a process of hiding info...

Steganography It is a process of hiding information in use for a long time. Most popular modern version of this process hides information within files appearing to contain digit

Routers, Routers They transfer packets among multiple interconnected n...

Routers They transfer packets among multiple interconnected network machines (i.e. LANs of different kind). They perform in the data link, physical and network layers. They ha

Typical network management system, Problem 1: List measurable entities ...

Problem 1: List measurable entities on which the quality of service in a data communication network depends Problem 2: Show the features of a typical Network Management

Udp communication semantics, UDP COMMUNICATION SEMANTICS:  UDP needs I...

UDP COMMUNICATION SEMANTICS:  UDP needs IP for all delivery, that is, similar best effort delivery as IP. To use UDP, an application have to either be immune to the causes or

Network, what is computer network?

what is computer network?

Network protocol hierarchy , This assignment aims to enhance students' unde...

This assignment aims to enhance students' understanding of the network protocol hierarchy and flow control and error control techniques by implementing a sliding window protocol in

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd