Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

An organization determines that the probability of unauthorized access to a data

ID: 3572716 • Letter: A

Question

An organization determines that the probability of unauthorized access to a database that contains personally identifiable information (PII) about its clients and employees is 5% in a year. The total estimate of the loss due to this exposure is estimated to be 5 million dollars. This includes losses resulting from loss of reputation, business operations, fines imposed by FCC, legal fees.

After consulting with a security firm, a product was identified that could implement stronger access control and that could allow security administrator to track such an unauthorized access. The total cost of the product is $500,000, plus $10,000/year for maintenance. The product should work well for next five years. It is estimated that, if implemented, it will protect from 90% of all such attacks.

We want to know whether the organization should purchase this product.



What is the Single Loss Expectancy (SLE)? (Please enter digits only – dollar amount)

What is the Annualized Rate of Occurrence (ARO)? Percentage only

What is the calculated Annualized Loss Expectancy (ALE)? (Please enter digits only dollar amount)

What would be the ARO if the countermeasure is implemented? Percentage %

What would be the corresponding ALE? (Please enter digits only dollar amount)

What is the countermeasure cost for a year? (Please enter digits only dollar amount)

Should the organization purchase this product? (Please enter Yes or No)

Explanation / Answer

(1)

Single Loss Expectancy = Asset Value * Exposure Factor

Asset Value= $5000000

Exposure Factor = 5 %

=(510000*5)/100
=25500

Therefore, Single Loss Expectancy is 25500.

(2)

Total Loss due to this exposure = 5M USD

= 50,00,000

Rate of Occurrence (RO in 5 years) =50,00,000/25500

=196.5

Annualized Rate of Occurrence =((197/5)/197)*100

=20% or 40

(3)

Annualized Loss Expectancy (ALE) =SLE*ARO

= (25500) =25,000*40

=10,00.000

(4)

After counter measures, 90% will not happen so

(197*10)/100
=20

ARO after the counter measure= 20/5=4 or (4/20)*100= 20%

(5)

ALE after counter measures = 25500*4

= 1,02,000

(6)

Cost of counter measure is 5,00,000*(5*10,000)

=5,50,000 USD for five years.

(7)

Yes, The organization should buy this product as the loss is reduced.

Related Questions

An organ pipe is 1.90 meters long. It can be played with both ends open, which s
Question #1644641
An organ pipe is 112 c m long. The speed of sound in air is 343 m / s . What are
Question #1424839
An organ pipe is 248 cm long. (a) Determine the fundamental overtone if the pipe
Question #2076107
An organ pipe is open at one end and closed at the other. The pipeis designed to
Question #1664443
An organ pipe open at both ends is 1.56m long. A second organpipe that is closed
Question #1745760
An organ system in man that provides for the exchanges of gases is: respiratory.
Question #316933
An organelle found in plant sells that controls rigidity is called Central vacuo
Question #99006
An organic acid with a molecular weight of 88.0 g/mil was determined to be 54.55
Question #998793
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
An organization determines that the probability of unauthorized access by intern
Next
An organization determines that the probability of unauthorized access to a data

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.