Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Cryptographic hash functions, (a) (i) Bob has public RSA key (n = 77, e...

(a) (i) Bob has public RSA key (n = 77, e = 7). Show that Bob's private key is (d = 43). (ii) Alice wants to send the message m = 13 to Bob. She encrypts the message usi

Intrusion detection and classification, i want to detec and classify networ...

i want to detec and classify network anomaly detection based on KDD99 data set using swarm intelligence

#title.TIPS., 1. For this project, assume that an organization has five ser...

1. For this project, assume that an organization has five servers. Server 1 has a TCO of $25,000, Servers 2 and 3 have a TCO of $37,000 each, and the remaining two servers— Servers

Develop a completely secure wsn based on the triple key, Q. Develop a compl...

Q. Develop a completely secure WSN based on the triple key? Wireless network is the most vulnerable type of network to security attack. Unauthorized access to wireless network

Selecting a risk control strategy-information security, Selecting a Risk Co...

Selecting a Risk Control Strategy Risk controls involve selecting one of the 4 risk control strategies for every vulnerability. The flowchart is shown in the figure given below

Cyber security - vulnerabilities, The world has to deal with newly released...

The world has to deal with newly released vulnerabilities on a daily basis.  These vulnerabilities eventually lead to active exploits of systems, and it is our job as cyber securit

Wireless networks, Wireless Networks The origin of wireless networks a...

Wireless Networks The origin of wireless networks and their ubiquity in the technological environment poses a new type of exposure and vulnerability for network security. Cont

Csma/ca, CSMA/CA Wireless needs collision avoid ness rather than colli...

CSMA/CA Wireless needs collision avoid ness rather than collision checking. Transmitting computer puts very short codes to receiver. Receiver responds with short message getti

Error reporting mechanism (icmp), ERROR REPORTING MECHANISM (ICMP) INT...

ERROR REPORTING MECHANISM (ICMP) INTRODUCTION:  IP gives best-effort delivery. Delivery causes can be ignored; datagrams may be 'dropped on the ground'. Internet Control Me

Draw the waveform for an asynchronous transmission, QUESTION: (a) For ...

QUESTION: (a) For the bit stream 010011, sketch the waveforms for each of the code indicated. Assume that the signal level for a space in NRZ-L is positive; the signal level f

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd