Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

An organization determines that the probability of unauthorized access to a data

ID: 3827410 • Letter: A

Question

An organization determines that the probability of unauthorized access to a database that contains personally identifiable information (PII) about its clients and employees is 5% in a year. The total estimate of the loss due to this exposure is estimated to be 5 million dollars. This includes losses resulting from loss of reputation, business operations, fines imposed by FCC, legal fees. After consulting with a security firm, a product was identified that could implement stronger access control and that could allow security administrator to track such an unauthorized access. The total cost of the product is $500,000, plus $10,000/year for maintenance. The product should work well for next five years. It is estimated that, if implemented, it will protect from 90% of all such attacks. We want to know whether the organization should purchase this product.

1. What is the Single Loss Expectancy (SLE)? $ (Please enter digits only)

2. What is the Annualized Rate of Occurrence (ARO)?   %

3. What is the calculated Annualized Loss Expectancy (ALE)? $  (Please enter digits only)

4. What would be the ARO if the countermeasure is implemented?  %

5. What would be the corresponding ALE? $  (Please enter digits only)

6. What is the countermeasure cost for a year? $  (Please enter digits only)

7. Should the organization purchase this product?  (Please enter Yes or No)

Explanation / Answer

Here is the data as per the given criteria, please go through it.

1) Single-Loss Expectancy(SLE) is the monetry value expected from the occurence of a risk on an asset.
Mathematically it expressed as:-
Single-Loss Expectancy(SLE) = Assest Value(AV) X Exposure Factor (EF)

Here Assest value = $5,000,000
Exposure factor = 5%
so,
SLE = AV x EF
   = 5,000,000 x 0.05
   = $250,000

2) Annualized rate of occurrence (ARO)—The ARO represents the estimated frequency at which a given threat is expected to occur. Simply stated, how many times is this expected to happen in one year?
As per the given criteria,the product should work well for next five years.
i.e, ARO = 1/5
   = 0.2

3) Annualized Loss Expectancy (ALE): It is your annual cost of an every 5 year event?
If we use the equation ALE = SLE x ARO ,we get $250,000 x .2 for an ALE of $50,000.

4) ARO if the countermeasure is implemented, 10% chances to get affected.

Related Questions

An organelle found in plant sells that controls rigidity is called Central vacuo
Question #99006
An organic acid with a molecular weight of 88.0 g/mil was determined to be 54.55
Question #998793
An organic analyte is extracted from the aqueous phase into dichloromethane, whe
Question #488140
An organic chemist is planning to extract 1.00 gram of an organic compound disso
Question #925246
An organic compound (A) is to be absorbed out of air (C) using a liquid solvent
Question #494036
An organic compound absorbs strongly in the IR at 1687 cm^-1. On oxidation it is
Question #989137
An organic compound absorbs strongly in the IR at 1687 cm^-1. On oxidation it is
Question #989138
An organic compound contains carbon, hydrogen, and sulfur. A sample of it with a
Question #878601
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
An organization determines that the probability of unauthorized access to a data
Next
An organization determines that the probability of unauthorized access to a data

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.