Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Explain the operation of the matchmaker middle agent, Question 1: (a) E...

Question 1: (a) Explain the operation of the "matchmaker" middle agent. (b) Describe why broker middle agents are more efficient in terms of the time taken for a service to

Describe briefly an artificial intelligent technique, Question : (a) W...

Question : (a) What is an IDS and what is the basic problem it faces which can be solved by Artificial Intelligence. (b) Identify and describe briefly an Artificial Intell

Network management, Ask question #MinimAn NMS is connected to a remote netw...

Ask question #MinimAn NMS is connected to a remote network by a 64 Kb/s link. The network elements in the remote network generate 50 faults/second. Of these, 5% are critical and th

Point-to-point topology, POINT-TO-POINT: In Point-to-Point topology th...

POINT-TO-POINT: In Point-to-Point topology there are two kind of topologies. 1) STAR topology 2) TREE topology In star topology each and every computer is connect

Computer security, Assume that the RSA problem is hard, prove that the RSA ...

Assume that the RSA problem is hard, prove that the RSA encryption is secure against IND- CPA. Provide a game between an adversary A and a simulator (or challenger) B.

Determine the round trip time, a) determine the RTT (round trip time) betwe...

a) determine the RTT (round trip time) between a client requesting a web page of 1024 bytes in size from an internal web server on a 100 Base-T Ethernet. Assume a one-way propagati

Address resolution protocol (arp), ADDRESS RESOLUTION PROTOCOL (ARP) T...

ADDRESS RESOLUTION PROTOCOL (ARP) TCP/IP can use any of the three address resolution functions relaying on the addressing procedure used by the underlying hardware. To guarant

Techniques for combating spam mails, Techniques for combating Spam mails ...

Techniques for combating Spam mails Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to

Linux, Discuss the risks of having a single root user

Discuss the risks of having a single root user

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd