Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Udp- datagram transport service, UDP- DATAGRAM TRANSPORT SERVICE INT...

UDP- DATAGRAM TRANSPORT SERVICE INTRODUCTION:  UDP is the one of the transport protocols in TCP/IP protocol suite. UDP protocol accepts applications on the computers to

Need assignemnt help in information security assignemnt, Need Assignemnt he...

Need Assignemnt help in Information security assignemnt

Risk assessment, RISK ASSESSMENT Risk assessment is a step in a risk man...

RISK ASSESSMENT Risk assessment is a step in a risk management technique. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete

What do you meant by network address translation, Problem: (a) What do ...

Problem: (a) What do you meant by Network Address Translation (NAT)? Why is it used? (b) Given the following information by your ISP about your newly acquired Frame Relay c

Explain the basic network topologies, Question: (i) ‘Implementation' is...

Question: (i) ‘Implementation' is a critical stage of the Systems Development Life Cycle. Show the four approaches which are commonly used to implement information systems in

Wan architecture and wan service, MegaCorp INC. is a large manufacturing f...

MegaCorp INC. is a large manufacturing firm that operates 5 factories in Dallas, 4  factories in Los Angeles, and 5 factories in Albany, New York.  It operates a tightly  connected

Develop firewall rules, Question requires you to develop firewall rules bas...

Question requires you to develop firewall rules based on a fictitious organisation. Scenario: You work for a security-conscious company, xC-Cure, who develop encryption tec

Public key cryptosystem based on rsa technology, Problem: (a) What is ...

Problem: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Computer security, Implementing an effective online authentication scheme i...

Implementing an effective online authentication scheme in practice faces many challenges. Systems with highly sensitive data often require multifactor authentication. But, requirin

Encryption, How safe is the encryption of virtual private networks?

How safe is the encryption of virtual private networks?

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd