Therefore the metrics reproducibility affected users

This preview shows page 2 - 5 out of 7 pages.

Therefore, the metrics Reproducibility, Affected Users, and Discoverability metrics have already been scored as 3 for all vulnerabilities.
Packet Tracer - Threat Modeling to Assess Risk in an IoT System 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 7 In an actual risk assessment, the A metric would not be assumed to be 3. However, it is recommended that R and second D always be rated 3. a. Use the following table to grade your previously discovered threats according to the scoring explanation shown above. Normally, every relevant identified threat would be rated. However, for the purposes of this Packet Tracer, you can choose several threats from each of the three elements of the IoT attack surface that we have discussed in this course. Attack Surface and Threat D R E A D Total 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 Hacerse pasar por alguien que no es, smarphone 3 3 15 Falsificar datos, Home Gateway 13 3 3 1 1 13 Fingir que realizó una transacción o operacion, MCU 2 2 13 Apagar los dispositivo o dañar dispositivos, MCU 3 3 15 Acceder a privilegios recursos destinados solo a administradores o superusuarios 3 3 15 Cables fraudulentos, Splitter Coaxial 1 3 13 Extensiones de navegador maliciosas, Tablet o Smartphone 1 3 13 Actualizaciones falsas, Home gateway 1 1 13 Programas y archivos descargados de Internet son una fuente de amenaza muy importante 3 2 14 ¨Routers¨ con seguridad domotica 1 1 11 Inyectar con éxito datos falsificados en el sistema
Packet Tracer - Threat Modeling to Assess Risk in an IoT System 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 7 b. Put the risks in order by the highest to lowest DREAD metric and estimate the likelihood that the risk will occur. Do this by copying the risks over, or by marking up the table that you completed above. Score the likelihood as 1 for unlikely and 3 for very likely. Attack Surface and Threat Total Likelihood Hacerse pasar por alguien que no es, smarphone 15 3 3 Apagar los dispositivo o dañar dispositivos, MCU 15 Acceder a privilegios recursos destinados solo a administradores o superusuarios, Modem 15 3 Programas y archivos descargados de Internet son una fuente de amenaza muy importante 14 2 Inyectar con éxito datos falsificados en el sistema 13 2 Extensiones de navegador maliciosas, Tablet o Smartphone 13 3 Routers¨ con seguridad domotica 11 3

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture