Question: a Apply the following data to evaluate the time based model

a. Apply the following data to evaluate the time-based model of security for the XYZ Company. Does the XYZ Company satisfy the requirements of the time-based model of security? Why?
• Estimated time for attacker to successfully penetrate system = 25 minutes
• Estimated time to detect an attack in progress and notify appropriate information security staff = 5 minutes (best case) to 10 minutes (worst case)
• Estimated time to implement corrective actions = 6 minutes (best case) to 20 minutes (worst case)
b. Which of the following security investments to you recommend? Why?
1. Invest $50,000 to increase the estimated time to penetrate the system by 4 minutes
2. Invest $50,000 to reduce the time to detect an attack to between 2 minutes (best case) and 6 minutes (worst case)
3. Invest $50,000 to reduce the time required to implement corrective actions to between 4 minutes (best case) and 14 minutes (worst case).


View Solution:


Sale on SolutionInn
Sales0
Views335
Comments
  • CreatedDecember 19, 2014
  • Files Included
Post your question
5000