Question: Scenario 4: Complex Problem Using ALE Definition of vulnerability, threat and risk of problem #4 Vulnerability No backup Threat A Laptop failure Risk Data Loss

Scenario 4: Complex Problem Using ALE

Definition of vulnerability, threat and risk of problem #4

  1. Vulnerability No backup
  2. Threat A Laptop failure
  3. Risk Data Loss

What is the asset in this problem?

Suppose the asset is worth $50,000. The Single Lost Expectancy (SLE) is computed by multiplying the Actual Value by the Exposure Factor

In our case, the SLE = Actual Value (AV) X Exposure Factor (EF). The Exposure Factor is the loss that can occur as a result of the threat. For problem #4, we are going to assume that the SLE is $10,000.

What is EF?

We are going to keep the ARO (the frequency of the threat every year) as .

5 assuming that the laptop crashes once every two years.

Compute the ALE. Remember

Generally, the equation below is used to decide whether to implement a particular mitigation strategy

Mitigation Investment (M1) = ALE1 (before the Mitigation Investment) ALE2 (after the Mitigation Investment) Total Cost of implementing the mitigation strategy (TC).

Suppose the cost of completing and maintaining a backup for a laptop is $400 and the ALE2 is $1000. What should be the allowable investment for this security risk? Use approximately 200 words to explain your answer.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Finance Questions!

Q:

Hello, Please complete my assignment. My homework is related to my Accounting Information Systems class. I am struggling with it. Must type about one page. Chapter 11 (Information Security and...

Q:

Information Security Risk Management ITC6315 Assignment 2 Assignment For this exercise, read the provided case study about AcmeHealth, and rate the risk exposure for each finding related to the...

Q:

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Q:

He want us to identify the 18 vulnerabilities. template is attach. Case No. 2000-02: Recreation, Inc. 1 AICPA Case Development Program RECREATION, INC. AN INFORMATION TECHNOLOGY RISK ASSESSMENT CASE...

Q:

QUESTION 1 Which of the following is not a step that would be performed in a vulnerabilty assessment? a. Apply security controls b. Testing the system for vulnerabilities, using a tool such as Nessus...

Q:

Old MathJax webview Old MathJax webview Old MathJax webview I edited and add new informations to make it very clear I submitted it all again, read from page after the previous submission It's...

Q:

Hi, I am doing a project for derivatives class and I have some questions about a regression and Monte Carlo simulation that I need to come up with. So the goal is to hedge against CDS instruments by...

Q:

Task: Read all content within Lecture Material and focus on the Threat Assessment area then do assignment. Before any risk judgments can be made or effective treatments applied, it is necessary to...

Q:

Risk Management Concepts- Revision Risk Management Assets Threats Vulnerabilities Controls Consequences Risk Assessment Quantitative Risk Assessment Qualitative Risk Assessment Risk Control...

Q:

1 WILMINGTON UNIVERSITY LIBRARY Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) 2 WILMU LIBRARY SERVICES 20,000 student population served 13 physical locations of access to university...

Q:

You were recently hired by Intel in its finance division. Your first assignment is to determine the net cash flows of the proposed new generation of mobile chips. Capital expenditures to produce the...

Q:

A noisy truck approaches you from behind a building. Initially you hear it but cannot see it. When it emerges and you do see it, its sound is suddenly brighteryou hear more of the high-frequency...

Q:

Which of the following statements correctly discusses the regression coefficient used in Sharpe's style analysis? More than one answer may be correct. Multiple select question. The regression...

Q:

8:37 * N. 80% i ... OBJECTIVES: Create relationships Create a Pivot Table from Related Tables Create a PivotChart Modify the PivotChart The major section in this chapter :ontinuation is: Data...

Q:

Please rsvp to sony corp. just as soon as you know your schedule.

Q:

Address it to art bowers, chief of production.

Q:

Dr. paul hansen is joining our staff.