Risk determination, Computer Network Security

Assignment Help:

Risk Determination

For purpose of relative risk assessment, risk equals probability of vulnerability occurrence TIMES value MINUS percentage risk already controlled PLUS an element of uncertainty. For instance

• Information asset A has a value score 50 and has 1 vulnerability: Vulnerability
1 has a likelihood of 1.0 with no current controls and you estimate that the assumptions and data are 90 percent accurate.
• Information asset B has a value score of 100 and has 2 vulnerability 2 has a likelihood of 0.5 with a current control which addresses 50 percent of risk. Vulnerability
3 has a likelihood of 0.1 with no current controls.

Resulting ranked list of risk ratings for the 3 vulnerabilities:

 Asset A: Vulnerability 1 rated as 55 = (50 x 1.0) –0% + 10% Where 55 = (50 x 1.0) – ( ( 50x 1.0)x0.0) + ( ( 50x1.0) x 0.1)
55 = 50 - 0 + 5

Asset B: Vulnerability 2 rated as 35 = (100 x 0.5) – 50% + 20% Where 35 = (100 x 0.5) – ( (100 x 0.5)x 0.5) + ( ( 100 x0.5) x 0.2)
35 = 50 – 25 + 10

Asset C: Vulnerability 3 rated as 12 = (100 x 0.1) – 0% + 20% Where 12= (100 x 0.1) – ((100 x 0.1) x 0.0) + ((100 x0.1) x 0.2)
12 = 10 - 0 + 2


Related Discussions:- Risk determination

Network analysis and network representation of a project, Question: Net...

Question: Network diagrams combine with a set of systematic analysis procedures, serve to remedy the shortcomings of the Gantt chart. Explain the following terms used in the ne

The cost benefit analysis (cba) formula, The Cost Benefit Analysis (CBA) Fo...

The Cost Benefit Analysis (CBA) Formula CBA determines that whether the control alternative being evaluated is worth cost incurred to control vulnerability or not. CBA easily ca

Vulnerability identification-risk management, Vulnerability Identification ...

Vulnerability Identification Specific avenues threat agents can exploit to attack an information asset are known as vulnerabilities. Examine how each threat can be generated and

Describe the five-layer network using block diagrams, Problem 1: a) One...

Problem 1: a) One of the limitations of file processing systems is data inconsistency. Briefly explain with the help of an example what do you understand by this phrase. b)

Mastering the complexity of network system, To master the complexity one mu...

To master the complexity one must apply the given points. CONCENTRATE IN UNDERSTANDING THE CONCEPTS: Instead of details of wires used to connect computers to a specif

Intrusion detection and classification, i want to detec and classify networ...

i want to detec and classify network anomaly detection based on KDD99 data set using swarm intelligence

TCP / IP, Let me know the details of protocol tcp/ip

Let me know the details of protocol tcp/ip

Bus topology, In BUS topology every computer is directly connected to p...

In BUS topology every computer is directly connected to primary network cable in a single way. Bus networks are the easiest way to connect multiple users, but can have problems

What is the benefit of adopting a password aging policy, QUESTION (a) H...

QUESTION (a) Hashing and salting is commonly used as password storage techniques for most applications. Describe how hashing and salting enable secure storage of password (b

Incident response, Incident Response: Complete the following sections as id...

Incident Response: Complete the following sections as identified from your Incident Response template (in MS Word format): Update the table of contents (autogenerated) Separate

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd