Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Find the possible deciphering transformations, Question: (a) A string o...

Question: (a) A string of ciphertext was enciphered using an a±ne transformation of single letters in a 28-letter alphabet consisting of A to Z, a blank and a?, where A to Z ha

Potential risks to information systems, Information System Security 1. ...

Information System Security 1. Write about: a. Potential Risks to Information Systems b. Factors to be addressed for making information systems more secure 2. Write about t

Problem of spam mail, Topic -Spam is an ever-growing problem, with some net...

Topic -Spam is an ever-growing problem, with some network administrators reporting that 90% or moreof the email delivered to their mail servers is spam. Identify and briefly evalua

Elliptic curve encryption - decryption scheme, (a) (i) If m = p·q·r where...

(a) (i) If m = p·q·r where p, q, and r are prime numbers, what is Φ(m)? (ii) Therefore, Determine Φ(440). (b) Describe the following terms as used in cryptography: (i)

Example of an attack against a windows, The objective of this example is to...

The objective of this example is to demonstrate the steps required for a successful attack against a vulnerable Windows XP SP2 system. It will show: a) how Nessus can be used to di

Intercultural sensitivity: recognising differences, Intercultural sensitivi...

Intercultural sensitivity: recognising differences You represent a Mauritian computer company which is negotiating to buy hardware from a manufacturer in Japan. In your first

Explain how the key exchange algorithm works, Question: (a) Explain how...

Question: (a) Explain how the Diffie-Hellman key establishment protocol works. (b) Prove that the Diffie-Hellman key establishment protocol is vulnerable to a `man in the mi

Digital certificates, A Certificate presents an organization in an official...

A Certificate presents an organization in an official digital form. This is same to an electronic identity card which serves the purpose of Identifying the owner of the certificate

CRC, CRC in matlab

CRC in matlab

Describe how a cellular network works, Problem 1 . Show various features of...

Problem 1 . Show various features of a 1G network Total three features for each feature of 1G Problem 2. Describe how a cellular network works with functional block diagram

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd