Unit 3-3 Risk Analysis [Compatibility Mode]

Unit 3-3 Risk Analysis [Compatibility Mode] - 12/19/2010 1...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 12/19/2010 1 Unit 3: Risk Analysis Unit 3: Risk Analysis Part 3 Click Here To Start Audio CC Criteria CC Criteria - Threat Analysis Threat Analysis The owners of the assets will analyze the possible threats to determine which ones apply to their environment. The results are known as risks. This analysis can aid in the selection of countermeasures to counter the risks and reduce it to an acceptable level. Threat Analysis Threat Analysis - IEC 15466 IEC 15466 1) Prepare a list of threats- Brainstorm- Penetration Testing 2) Likelihood of each threat occurring is estimated and severity established IOC/IEC PDTR 15466(2001-04) 12/19/2010 2 Identifying Threat Agents Identifying Threat Agents c Who might consider it worth their while? c Who would be in a position to attempt to compromise the asset? c What is likely to be their expertise, opportunities, and available resources? c IOC/IEC PDTR 15466(2001-04) How Should Threats Be How Should Threats Be Specified? Specified? c Threat Agent (e.g. Unauthorized User) c Asset Subject to Attack c Attack Method Employed IOC/IEC PDTR 15466(2001-04) Threat Specification Threat Specification c Each should be uniquely labeled sequential numbering (e.g., T1, T2, T3) unique label c Directly compromise Asset--(not generic like their might be flaws in TOE) IOC/IEC PDTR 15466(2001-04 12/19/2010 3 Determining Risk Severity Determining Risk Severity c Some References Recommend Assigning Dollar Value c Difficult To Accomplish...
View Full Document

Page1 / 6

Unit 3-3 Risk Analysis [Compatibility Mode] - 12/19/2010 1...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online