Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: Risk Assessment Modelling

from [Karan Saberwal] Network Security [Permanent Link]
Subject: Re: Re: Risk Assessment Modelling
Date: Thu, 14 Jul 2005 20:24:08 +0530 
My two cents:

1. "Am in the process of estimating the impact on the asset w.r.t C, I and 
A."
You probably need to re-look at the approach. It might be a better idea to 
assess the impact on Business rather than impact on asset.

2. I would appreciate if you could throw some light on "sum of squares" and 
"weighted scale' methods. Which one would be a better indicator?
All approaches are good. Just that you would need to assess whether all of 
C,I,A would be applicable to all assets.

 Cheers,
Karan

On 12 Jul 2005 09:02:03 -0000, spn9876@yahoo.com <spn9876@yahoo.com> wrote:

I am sorry for my trouble. I need a piece of guidance regarding Risk 

Assessment. Am in the process of estimating the impact on the asset w.r.t C, 
I and A. When I was browsing the net for some guidance , I happen to come 
across your message on the www.securityfocus.com<http://www.securityfocus.com>. 
I would appreciate if you could throw some light on "sum of squares" and 
"weighted scale' methods. Which one would be a better indicator?


Kind Regards and thanks,
span
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Segregation of Duities and least priviliges for DB, Nabil MALIK / KTEFH - OTAS
Next by Date:  RE: Security Management System, Richard Dayne
Previous by Thread:  Re: Re: Risk Assessment Modelling, spn9876
Next by Thread:  Security Management System, Claire MacGuiness
Indexes:  [Date] [Thread] [Top] [All Lists]