Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Pcm encoder, You have been asked to setup a remote temperature sensing syst...

You have been asked to setup a remote temperature sensing system for an electric furnace. The system consists of a sensor unit which feeds an analogue signal to a PCM encoder. The

Data classification and management, Data Classification and Management C...

Data Classification and Management Corporate and military organizations use a several of classification schemes. Information owners are responsible for classifying information a

Network simplex method, QUESTION: (a) Briefly explain the steps invol...

QUESTION: (a) Briefly explain the steps involved in Network Simplex Method. (b) What data structures you would expect in the Network Simplex Method. Show the data struct

Information and network security, Information and Network Security Part ...

Information and Network Security Part 1- Recovery of an encrypted `word' using a forward search attack. Complete and correct summary for part 1. Adequately commented, clea

What is the major security flaw of set, QUESTION (a) Discuss why it is ...

QUESTION (a) Discuss why it is considered more secure to use the SET (Secure Electronic Transaction) for e-commerce instead of using SSL (b) Describe how the dual signature

Explain the random key distribution, Q. Explain the random key distribution...

Q. Explain the random key distribution? The triple key management mechanisms ensure a better and complete security solution using the random key distribution mechanism. In this

Types of errors detection in crc , CRC can detect the following errors bett...

CRC can detect the following errors better than check sums. a) Vertical errors b) Burst errors a) VERTICAL ERRORS:  This kind of error happens due to a hardware fai

How an attacker can effectively de-layer and analyse data, Around the globe...

Around the globe the bank controlled Co-ops (Visa, MasterCard, Discover, and American Express) have rolled out millions of smart cards under the EMV (Europay, MasterCard, VISA) sta

Unguided media, Unguided Media This is the wireless media that transfe...

Unguided Media This is the wireless media that transfer electromagnetic waves without using a physical media. Waves are broadcast through the air. This is performing through r

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd