Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

ITC 571 Emerging Technologies and Innovation Assignment, Ask quProject brie...

Ask quProject brief template The project brief is a document upon which the full Project Proposal and Plan will be based. About me: Who are you? What do you do? What is your Exper

Logic bombs - attacks information security, Example 3: Logic bombs In th...

Example 3: Logic bombs In the year 2000, Timothy Lloyd was found responsible of causing $10 million and $12 million of damage to Omega Engineering, an American company specializ

encrypt and decryption using rsa with the prime numbers, Problem (1) -...

Problem (1) - Alice, Bob and Charlie have a secret key a=3, b=4, c=5, respectively. - They want to find a common secret key using Diffie-Hellan key exchange protocol (with g

Explain how ftp works, QUESTION (a) FTP is a protocol used for the de...

QUESTION (a) FTP is a protocol used for the delivery of files across networks. Explain how FTP works (support your answer with a diagram). (b) How does TCP perform the gi

Error reporting mechanism (icmp), ERROR REPORTING MECHANISM (ICMP) INT...

ERROR REPORTING MECHANISM (ICMP) INTRODUCTION:  IP gives best-effort delivery. Delivery causes can be ignored; datagrams may be 'dropped on the ground'. Internet Control Me

Explain how ethernet deals with collisions, (a) Describe how CSMA/CD operat...

(a) Describe how CSMA/CD operates and explain how Ethernet deals with collisions. (b) Describe how the subsequent protocols work: i. ARP ii. DHCP iii. DNS iv. SMTP (c) The

Introduction to risk management and its component, INTRODUCTION TO RISK MAN...

INTRODUCTION TO RISK MANAGEMENT Risk management is the procedure of identifying and controlling risks facing an organization. Risk management is the discipline which is employed

What is meant by certificate revocation, QUESTION (a) Which PKI (Public...

QUESTION (a) Which PKI (Public Key Infrastructure) model is typically favored by business organization? (b) Give one possible use of the "extensions" field of an X.509 certi

Example of an attack against a windows, The objective of this example is to...

The objective of this example is to demonstrate the steps required for a successful attack against a vulnerable Windows XP SP2 system. It will show: a) how Nessus can be used to di

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd