Nt 2580 Unit 4 Assignment 1

James D Dobbins
NT2580 Unit 5 Assignment 1: Testing and Monitoring Security Controls

Two popular types of security events that might indicate suspicious activity are authentication failures and unauthorized access attempts. Most often these occur when a device denies a connection or an incorrect password is entered. Some system administrators set up alerts to notify them of an unauthorized access attempt so that they can investigate the reason. These alerts can help stop hackers from gaining access to a secure or confidential system. Many secure systems may also lock an account that has had too many failed login attempts.

Two popular types of baseline anomalies that might indicate suspicious activity are network abuse and employees downloading unauthorized material. That is why there are many policies for monitoring network abuse and employee misuse involving unauthorized material. Some of those policies are NAPO (Network abuse and policy

NT2580: Unit 6 Quantitative and Qualitative Risk Assessment Analysis

Qualitative Risk Assessment

Single loss expectancy (SLE): Total loss expected from a single incident
Annual rate of occurrence (ARO): Number of times an incident is expected to occur in a year
Annual loss expectancy (ALE): Expected loss for a year
ALE = SLE X ARO
Safeguard value: Cost of a safeguard or control

Scenario: Richman Investments provides high-end smartphones to several employees. The value of each smartphone is $500, and approximately 1,000 employees have these company-owned devices. In the past year, employees have lost or damaged 75 smartphones.

With this information, calculate the following:

SLE = $500
ARO = 75
ALE = $37,500

Richman is considering buying insurance for each smartphone. Use the ALE to determine the usefulness of this safeguard. For example, Richman could purchase insurance for each device for $25 per year. The safeguard value is $25 X 1,000 devices, or $25,000. It is estimated that if the insurance is purchased, the ARO will decrease to 5. Should the company purchase the insurance?

Determine the effectiveness of the safeguard:

Current ALE = $37,500
ARO with control = 5
ALE with control = $500 x 5 = $2,500
Savings with control = $37,500 - $2,500 = $35,000 (Current ALE - ALE with control)
Safeguard value (cost of control) = $25,000
Realized savings = $35,000 - $25,000 = $10,000 (Savings with control - safeguard value)

Should Richman buy the insurance? Explain your answer.

It makes sense for Richman Investments to buy insurance because it will save the company $10,000 a year if the phones are lost, stolen, or damaged.

Qualitative Risk Assessment

Probability: The likelihood that a threat will exploit a vulnerability. Probability can use a scale of low, medium, and high, assigning percentage values to each.
Impact: The negative result if a risk occurs. You can use low, medium, or high to describe the impact.

You can calculate the risk level using the following formula:

Risk Level = Probability X Impact

Scenario: Richman Investments is concerned about the security of its customer data. Management has determined that the three primary risks the company faces in protecting the data are as follows:

    Unauthorized access by an external party
    Sabotage by an internal employee
    Hardware failures

Richman has created scales for the probability and impact of risks as follows:

Probability: Low = 10%, Medium = 50%, and High = 100%
Impact: Low = 10, Medium = 50, and High = 100

After surveying key individuals in the company, Richman calculated the probability and impact of each risk, as shown in the table below. Based on the information given above, calculate the risk level for each risk:

Category                                    Probability   Impact   Risk Level
Unauthorized access by an external party    25            50       1,250
Sabotage by an internal employee            75            100      7,500
Hardware failures                           30            25       750

Which risk has the highest risk level?

Sabotage by internal employee

Prioritize the risks from high to low:

Priority 1: Sabotage by internal employee
Priority 2: Unauthorized access by an external party
Priority 3: Hardware failures

You need to present the data graphically to senior management in the form of a risk matrix. A sample risk matrix is shown below:

Complete the following risk matrix based on your data:

[Risk matrix: Impact axis from Low Impact (0) to High Impact (100); Probability axis from Low Probability (0) to High Probability (100). Entries: 1 Sabotage by internal employee; 2 Unauthorized access by external party; 3 Hardware Failure.]

© ITT Educational Services

...