Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Distinguish between a mobile agent state and code, Question: (a) Disti...

Question: (a) Distinguish between a mobile agent "state" and "code". (b) Differentiate between "weak" and "strong" mobility. (c) Mobile agent systems are known to have

Systems development life cycle security-information security, The Role of t...

The Role of the Investigation The first phase, investigation is the most significant. What problem is the system being developed to solve? During investigation phase, objectives

Network-based ids (nids), Network-Based IDS (NIDS) A NIDS resides on com...

Network-Based IDS (NIDS) A NIDS resides on computer or appliance connected to segment of an organization’s network and looks for signs of attacks. While examining packets, a NID

Half-duplex and full-duplex mode of transmission, Question: a. State br...

Question: a. State briefly three reasons why computer networks are used? b. Differentiate between simplex, half-duplex and full-duplex mode of transmission. c. State any

Explain belady''s anomaly, Belady's Anomaly Also known FIFO anomaly. G...

Belady's Anomaly Also known FIFO anomaly. Generally, on raising the number of frames given to a process' virtual storage, the program execution is faster, because lesser page

Sequential label and supply, What questions should Iris ask Charlie about t...

What questions should Iris ask Charlie about the new job, about Kelvin''s team, and about the future of the company?

Ip datagram format, IP DATAGRAM SIZE:  Datagrams may have different si...

IP DATAGRAM SIZE:  Datagrams may have different sizes i.e. Header area is generally fixed (20 octets) but can have various options. Data area may contain between 1 octet and 6

Provide a suitable network infrastructure for the campus, QUESTION a) ...

QUESTION a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a segment. Give the source MAC address in hexadecimal; the source IP address, the uppe

Using Technology as Experience Framework, Write a two to three (2-3) page p...

Write a two to three (2-3) page paper in which you: Explain how the Web user interfaces help donors to make decisions. Relate the emotional thread demonstrated in the case study to

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd