Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Wireless security tools, WIRELESS SECURITY TOOLS An organization which s...

WIRELESS SECURITY TOOLS An organization which spends its time securing wired network and leaves wireless networks to operate in any manner is opening itself up for security brea

Feasibility studies-risk management, Feasibility Studies Before deciding...

Feasibility Studies Before deciding on strategy, all information of economic or non economic consequences of vulnerability of information asset should be explored. A number of w

How will network datagrams be protected at network layer, (a) Consider the...

(a) Consider the subsequent authentication options: A. Using password. B. Using pin and fingerprint Which option A or B provides stronger security and why? (b) Give

Udp communication semantics, UDP COMMUNICATION SEMANTICS:  UDP needs I...

UDP COMMUNICATION SEMANTICS:  UDP needs IP for all delivery, that is, similar best effort delivery as IP. To use UDP, an application have to either be immune to the causes or

Http protocol, Question (a) Name 3 popular electronic mail access prot...

Question (a) Name 3 popular electronic mail access protocols? (b) i. What is DNS? ii. Briefly, describe what it does and how it works? iii. Why does DNS use a dist

Risk determination, Risk Determination For purpose of relative risk asse...

Risk Determination For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an elem

Access control list, Scenario: A network with individual hosts (really, vir...

Scenario: A network with individual hosts (really, virtual machines) can run HTTP (web) servers that are available to the outside. (Here, available means the ability to read and wr

Ip datagram format, IP DATAGRAM SIZE:  Datagrams may have different si...

IP DATAGRAM SIZE:  Datagrams may have different sizes i.e. Header area is generally fixed (20 octets) but can have various options. Data area may contain between 1 octet and 6

Explain the limitations of a firewall, Question: (a) Mention three lim...

Question: (a) Mention three limitations of a firewall. (b) Compare packet-filtering and proxy-base firewalls. Give advantages and drawbacks of both. (c) "Proxies eff

Network security attacks, (a) Show four Network Security attacks. How do th...

(a) Show four Network Security attacks. How do they compromise security? (b) In what ways do the following devices or services contribute to security: (i) Firewall (ii) In

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd