# Security Plus Notes Essay example

1885 Words Nov 4th, 2014 8 Pages
Chapter 1: Measuring and Weighing Risk
Risk Assessment
Risks to which the organization is exposed
Allows you to develop scenarios that can help evaluate how to deal with risks
Ex. An OS, server, or application may have known risks in certain environments
Create a plan for your organization.
Risk assessment components allows the organization to provide a reality check on real risks and unlikely risks.
Ex. Industrial espionage and theft are likely, but a risk of a pack of dogs stealing contents of payroll files is low, therefore resources should be allocated to prevent espionage. * Computing Risk Assessment
Prioritize
Measurements of risk assessment
Annualized rate of Occurrence (ARO)
This is the
What is ALE?
The SLE equals \$90,000 (100,000 x .9), and the ARO is .33. therefpre the ALE is 29,700 (\$90,000 x .33).
Your work at the help desk of a small company. One of the most common requests is to help retrieve a file that has been accidentally deleted by the user. On average, this happens once a week. If the user creates the file and then deletes it on the server (about 60% of incidents), then it can be restored in moments from the shadow copy and the is rarely any data lost. If the user creates the file on their workstation and then deletes it, (40% of the time), and if it cannot be recovered and it takes the user and average of two hours to re-create it at \$12 an hour, what is the ALE?
The SLE is \$24 (\$12 x 2), and the ARO is 20.8 (52 weeks x .4). therefore the ALE equals \$499.20 (24 x 20.8)
Risk assessment can either be qualitative (opinion based and subjective) or quantitative (cost based and objective). The formulas for SLE, ALE, and ARO are based on assessments that lead to \$ amounts so they are quantitative. * Acting on Your Risk Assessment
Risk avoidance
Involves identifying a risk and making the decision to no longer engage in the actions with that risk. Ex: a company decides that many risks are associated with email attachments and decide no email attachments can enter the network.
Risk transference
Share some of the burden of risk with someone else, such as an insurance company. A typical policy would pay you a cash amount if all

## Related Documents

• ###### Essay A Brief Note On Email Archiving Encryption And Security

A Guide to Email Archiving Encryption and Security Communication is important in the business world. One of the best ways that we can communicate with one another is through emails. Some emails are simply ones that can be quickly read and tossed aside. However, there are many other emails that we may want to save for future reference. One of the downsides of saving emails is that they can quickly take up space in our inbox, which can make it difficult to view new emails. One solution is to save important…

Words: 1083 - Pages:
• ###### Essay Systems Security And System Security

System security comprises of the procurements and approaches embraced by a system overseer to counteract and screen unapproved access, abuse, alteration, or refusal of a PC system and system available assets. To comprehend what is system security, it serves to comprehend that no single arrangement shields you from a mixture of dangers. You require various layers of security. On the off chance that one comes up short, despite everything others stand. System security is proficient through equipment…

Words: 1010 - Pages: 5
• ###### Essay Computer Security And Cyber Security

Computer security also known as cyber security or information technology security is a extremely concerned topic in 21st century in every country and domain with increasing frequent data threats and information leakage. According to 2012 cyber attacks statistics [1] , every month, more than 70 attacks without unknown threats occurred all of the world in 2012 and in June that year, the record exceeded 120. For example, a significant hacking issue reported by BBC News online was that in 2007, American…

Words: 1272 - Pages: 6
• ###### Notes Essay

Microsoft Office 2010~ the newest version of Microsoft office, offering features that provide users with better functionality and easier ways to work with the various files They create. Microsoft Office 2010 Suites 1 Microsoft Office Professional Plus 2010 2 Microsoft Confessional 2010 3 Microsoft Office Home and Business 2010 4 Microsoft Office Standard 2010 5 Microsoft Office Home and Student 2010 What is a menu? List of related items including folders, programs, and commands What does…

Words: 755 - Pages: 4
• ###### It Security Essay

NextGard Technologies Windows Security Implementation Model Michael White American Public University Author Note This paper was prepared for ISSC362 B003 Fall 12, taught by Professor Butler, William NextGard Technologies Windows Security Implementation Model Below are the seven areas of concentration for the focus of this essay: in section one Microsoft Windows access controls will be researched and discussed for solutions with details that are appropriate, in section two cryptography…

Words: 1433 - Pages: 6
• ###### Essay A Note On The Note

The note is post-dated, but that is permitted by the UCC [3.113(a)]. It is a “promise” as defined in Article 3 [3.103(a)(12)], being an undertaking (“I promise”) to pay money (\$800), signed by the promisor, and thus being written. The amount (\$800) is fixed [3.104(a)], the promise is not payable to bearer or the order of bearer but runs “to the order of” Carl, an identified person, so it is payable to order [3.109(a)(i) & (b)(i), and 3.104(a)(1)]. Payable “at any time within one year of the date”…

Words: 1208 - Pages:
• ###### CISSP Exam Notes - Physical Security Essay

CISSP Exam Notes - Physical Security 1 CISSP Exam Notes - Physical Security 1. Introduction 1.1 Physical security addresses the physical protection of the resources of an organization, which include people, data, facilities, equipment, systems, etc. It concerns with people safety, how people can physically enter an environment and how the environmental issues affect equipment and systems. People safety always takes precedence over the other security factors. 1.2 Physical security is the…

Words: 4765 - Pages: 20
• ###### Essay The Security Of The Internet Banking

taking ever precautions to ensure this doesn 't happen again.Community Trust & Banking Company uses the most advanced security available on the Internet today. The same level of security used in our branches is also employed in our Internet Banking products. All sensitive information is encrypted and online access requires a Personal ID and a password known only to you. (Note: Only valid account-holders should know the Internet Banking ID and Internet Banking PIN) Designed and tested with and…

Words: 908 - Pages: 4
• ###### Abstinence-Plus Essay

In the article, “More Schools to Teach Abstinence-Plus,” as seen on page A21A of the September 16, 2011 issue, author Morgan Smith tells her readers about new programs being introduced in West Texas to tech teenagers about not only abstinence, but additional how to practice safe sex. The article explains how teenage pregnancy rates in West Texas continue to spike despite the effort to push abstinence on teens. It explains in detail of a new sexual education program where teens are encouraged…

Words: 1189 - Pages: 5
• ###### Essay Security Issues Of The World Of Security

However, one thing that I am certain about, in the ever changing world of security is that attackers will overwhelm your staff by sheer volume alone. You cannot and will not win alone. The average number of staff dedicated to information security in many of the companies I have dealt with, floats between 4 and about 20 staffers tasked with security related matters. Four to twenty individuals not only dedicated to security, but to other tasks as well: systems administration, networking, incident response…

Words: 1192 - Pages: 5