Question: a. Apply the following data to evaluate the time-based model of security for the XYZ Company. Does the XYZ Company satisfy the requirements of the
• Estimated time for attacker to successfully penetrate system = 25 minutes
• Estimated time to detect an attack in progress and notify appropriate information security staff = 5 minutes (best case) to 10 minutes (worst case)
• Estimated time to implement corrective actions = 6 minutes (best case) to 20 minutes (worst case)
b. Which of the following security investments to you recommend? Why?
1. Invest $50,000 to increase the estimated time to penetrate the system by 4 minutes
2. Invest $50,000 to reduce the time to detect an attack to between 2 minutes (best case) and 6 minutes (worst case)
3. Invest $50,000 to reduce the time required to implement corrective actions to between 4 minutes (best case) and 14 minutes (worst case).
Step by Step Solution
★★★★★
3.39 Rating (155 Votes )
There are 3 Steps involved in it
1 Expert Approved Answer
Step: 1 Unlock
a XYZ Company is secure under their bestcase scenario b... View full answer
Question Has Been Solved by an Expert!
Get step-by-step solutions from verified subject matter experts
Step: 2 Unlock
Step: 3 Unlock
Document Format (1 attachment)
373-B-A-I-S (4869).docx
120 KBs Word File
Study Help