Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Determine the functions of security components, You are designing a Demilit...

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

Using icmp reachability, USING ICMP TO TEST REACHABILITY:  ICMP can a...

USING ICMP TO TEST REACHABILITY:  ICMP can also be used to test several tools. An Internet host A, is reachable from another host B, if data packets can be send from A to B. P

Broadband Technology, In 10 or more pages, address the following topics (be...

In 10 or more pages, address the following topics (be sure to use diagrams as well as references). 1) Define broadband and baseband transmission technology. 2) Describe broadban

Explain the security service - confidentiality, Question: (a) Explain t...

Question: (a) Explain the following security services: Confidentiality, Availability. (b) Which attack will be used to bypass even the best physical and logical security m

The security systems development life cycle (secsdlc), The Security Systems...

The Security Systems Development Life Cycle (SecSDLC) The same phases which is used in traditional SDLC can be adapted to support specialized implementation of IS project,At its

Does ssl protect against eavesdropping, QUESTION (a) Consider the follo...

QUESTION (a) Consider the following authentication options A. Using password B. Using pin and fingerprint Which option A or B provides stronger security and why? (b

Threads and attacks-information security, THREADS AND ATTACKS Threat is ...

THREADS AND ATTACKS Threat is an object, person, or other entity which represents a constant danger to an asset. To make sound decisions about information security, management s

What are the main objectives of a risk analysis, QUESTION 1 Risk ana...

QUESTION 1 Risk analysis helps companies prioritize their risks and shows management the amount of money that should be applied to protecting against those risks in a sensib

Computer security, Implementing an effective online authentication scheme i...

Implementing an effective online authentication scheme in practice faces many challenges. Systems with highly sensitive data often require multifactor authentication. But, requirin

Draw a suitable physical network diagram, Question a) From the capture ...

Question a) From the capture below: Give the datagram source IP address, upper layer protocol, Total length in decimal and header checksum in hexadecimal; the segment source po

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd