Your Ad Here

Monday, December 1, 2008

Security Definitions - Risk Assessment

Risk Assessment - is a qualitative or quantitative review of the likelihood a threat agent taking advantage of the vulnerability. Some security related examples are:

  • Open ports on a firewall
  • Not upgrading to new OS version
  • Not applying a software patch
Basic Security Steps of Risk Assessments:
  1. Identify and prioritizing assets
  2. Identify vulnerabilities
  3. Identify threat and probabilities of it occurring
  4. Identify countermeasures
  5. Develop a cost benefit analysis
  6. Develop security policies and procedures

No comments: