Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Increasingly significant impact on society, Question: (a) African gove...

Question: (a) African governments are slowly shifting to more transparent ICT regulations. However, but limited spectrum availability remains a key barrier to sustaining lon

Transmission errors in networking, TRANSMISSION ERRORS:  Transmission...

TRANSMISSION ERRORS:  Transmission exceptions may happen due to different causes for example power surges or interference may delete data during transmission. In result of wh

Feasibility studies-risk management, Feasibility Studies Before deciding...

Feasibility Studies Before deciding on strategy, all information of economic or non economic consequences of vulnerability of information asset should be explored. A number of w

Explain the schemes for distribution of public keys, (a) What is a pseudora...

(a) What is a pseudorandom generator? Give an example describing how it works. (b) Explain the key components of a wireless network and their purpose. (c) Describe the authen

Application layer protocol, Problem a) Give the destination IP address, up...

Problem a) Give the destination IP address, upper layer protocol, TTL in decimal and header checksum in hexadecimal; the source port number and the destination port number in deci

Rsa block and vernam stream ciphers, RSA Block and Vernam Stream Ciphers ...

RSA Block and Vernam Stream Ciphers This assignment involves writing two small Python scripts and a report. Before you start you must download the ?le summarysheets.zip from th

Public key infrastructure (pki)-cryptography, Public Key Infrastructure (PK...

Public Key Infrastructure (PKI) It is integrated system of software, encryption methodologies, protocols, legal agreements, and 3rd-party services enabling users to communicate

Data compression and the transport services, Da t a compre s sion a...

Da t a compre s sion and the trans p ort s e rvices,   The main purpose of the transport layer is to provide services which are efficient, reliable and cost-effecti

Address resolution with table lookup, ADDRESS RESOLUTION WITH TABLE LOOKUP ...

ADDRESS RESOLUTION WITH TABLE LOOKUP : Resolution needs data structure that has information about address binding. A distinct address-binding table is used for every physical n

Token ring, TOKEN RING Many LAN methods that are ring topology need to...

TOKEN RING Many LAN methods that are ring topology need token passing for synchronized access to the ring. The ring itself is acts as a single shared communication phase. Both

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd