Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Application gateways / firewall-information security, Application Gateways ...

Application Gateways / firewall The application level firewall is installed on a dedicated computer; also called as a proxy server. These servers can store the recently accessed

Calculate the minimum sampling rate, QUESTION An analog sensor is used...

QUESTION An analog sensor is used to monitor the temperature of sea water at different depth. The sensor is fitted to a buoy and incorporates a wireless transmitter that send

Describe the use of control channels in gsm network, Problem 1: What is...

Problem 1: What is the function of AUC in the GSM architecture? Explanation of HLR(AUC) Architecture of GSM Problem 2: Show the layered architecture of t

Define broadcasting , Broadcasting is the distribution of video and audio...

Broadcasting is the distribution of video and audio content to a whole audience via any audio or visual mass communications medium, but generally one using electromagnetic radiat

Ciphertext, Encode the following plaintext, using the Caesar cipher: ...

Encode the following plaintext, using the Caesar cipher: LORD OF THE RINGS b) The following ciphertext jw njbh lxmn cx kanjt has been encoded using a

Example of an attack against a windows, The objective of this example is to...

The objective of this example is to demonstrate the steps required for a successful attack against a vulnerable Windows XP SP2 system. It will show: a) how Nessus can be used to di

Assignment, Hello i have submitted an assignment and i am still waiting to ...

Hello i have submitted an assignment and i am still waiting to know if it has been accepted or not the ref number is TicketID: EM201381BRY525CN, the due date is for monday 27th of

Risk control strategies-, Risk Control Strategies Once the ranked vulner...

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •Apply safeguards which

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd