Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Meaning of dns - domain name system, What do you understand by the DNS? Exp...

What do you understand by the DNS? Explain the usage of the resource rec or ds. Domain Name System is described below: The Domain Name Service (DNS) is the hierarchi

What is the size of the initialization vector n wpa, Question : Wi-Fi p...

Question : Wi-Fi protected access (WPA) was specified by the Wi-Fi alliance with the primary aim of enhancing the security of existing 802.11 networks. However, WPA was only a

Pcm encoder, You have been asked to setup a remote temperature sensing syst...

You have been asked to setup a remote temperature sensing system for an electric furnace. The system consists of a sensor unit which feeds an analogue signal to a PCM encoder. The

What do you understand by environmental accounting, Question : Environm...

Question : Environmental Accounting is a means for businesses to fulfill their responsibilities for accountability to stakeholders. (a) What do you understand by Environment

Effective legal and ethical frameworks, All references using actual quotes,...

All references using actual quotes, paraphrase, or specific arguments, should employ page numbers. The essay is based on the unit content and should engage with the set readings, a

Risk identification-information security, Risk Identification Risk manag...

Risk Identification Risk management comprises of identifying, classifying and prioritizing organization’s information assets, threats and vulnerabilities also. Risk Identificati

TCP/ ip, Q1 (15 marks, 5 marks each part): This question has three parts: ...

Q1 (15 marks, 5 marks each part): This question has three parts: In a short paragraph (200-300 words) explain the fundamentals of Packet Switching and how it works. In a short pa

Find the capacity of the wcdma, Question: (a) Describe the term interfe...

Question: (a) Describe the term interference in the space, time, frequency, and code domain. (b) Consider a 1 G - AMPS: 824-849 MHz (forward) ; 869-894 MHz (reverse). B

Provide the network configuration, QUESTION: a) Below is a capture of a...

QUESTION: a) Below is a capture of an Ethernet II frame which has an IPv4 packet and a segment. Provide the source MAC address in hexadecimal; the source IP address, the length

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd