Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Programming, For this assignment you will create a program called MMWordFix...

For this assignment you will create a program called MMWordFix (Multi-Mode WordFix). This program prompts the user to select one of three word filters (uppercase, lowercase, encryp

Designing and coding of job search mechanism, Designing and coding of Job s...

Designing and coding of Job search mechanism: Project Title: FREEHIVE (Sep 2005- Nov 2006) Role             : Developer Domain         : Social Network Client

Draw the waveform for an asynchronous transmission, (a) Draw the waveform ...

(a) Draw the waveform for an asynchronous transmission with the given specifications: 8 data bits with value 11010001 (LSB listed first here), one parity bit (even), one star

Using icmp reachability, USING ICMP TO TEST REACHABILITY:  ICMP can a...

USING ICMP TO TEST REACHABILITY:  ICMP can also be used to test several tools. An Internet host A, is reachable from another host B, if data packets can be send from A to B. P

Determine the functions of security components, You are designing a Demilit...

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

Introduction to physical security, INTRODUCTION TO PHYSICAL SECURITY The...

INTRODUCTION TO PHYSICAL SECURITY The Physical security addresses design, execution, and maintenance of countermeasures which protect physical resources of an organization. The

Ipv6 datagram format, IPV6 DATAGRAM FORMAT It is given in the figure b...

IPV6 DATAGRAM FORMAT It is given in the figure below:

Base lining-information security, Base lining •    Organizations do not ...

Base lining •    Organizations do not have any contact to each other •    No two organizations are identical to each other •    The best practices are a moving target •    K

What you understand by the term brute force attack, Question: a) Expla...

Question: a) Explain what you understand by the term brute force attack, giving an example of such an attack b) Briefly outline the concept of Caesar cipher and identify a

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd