Добавил:

triple666mafia north memphis Опубликованный материал нарушает ваши авторские права? Сообщите нам.

Вуз:

Санкт-Петербургский государственный электротехнический университет "ЛЭТИ"

Предмет:

Основы информационной безопасности

Файл:

лаба_10 / лаб_10_14_4

.pdf

Скачиваний:

Добавлен:

27.10.2025

Размер:

1.01 Mб

Скачать

☆

<<< < Предыдущая 1 2 34 / 84 5 6 7 8 > Следующая >>>

Full Asset Report

50,000

321

5 10 15 20 25 30 35 40 45 50 (x 1,000)

Dollars

Figure 8.2

2.2.3Applications

Asset	Replacement Cost Percentage of Total 345
$50,000.	100.0%

Figure 7.3

This information about replacement costs is presented below as a barchart.

50,000 345

50 (x 1,000)

Dollars

Figure 8.3

2.2.4Communications Hardware

Asset	Replacement Cost	Percentage of Total
	$50,000.	100.0%

Figure 7.4

This information about replacement costs is presented below as a barchart.

50,000

50 (x 1,000)

Dollars

Figure 8.4

2.2.5Communications Software

Asset	Replacement Cost	Percentage of Total
EWQ	$25,000.	100.0%

Full Asset Report

Figure 7.5

This information about replacement costs is presented below as a barchart.

25,000 EWQ

100

125

150

175

200

225

250 (x 100)

Dollars

Figure 8.5

2.2.6Databases

Asset	Replacement Cost	Percentage of Total
456	$7,500.	100.0%

Figure 7.6

This information about replacement costs is presented below as a barchart.

7,500

456

7 (x 1,000)

Dollars

Figure 8.6

2.2.7Documentation

Asset	Replacement Cost	Percentage of Total
OI	$10,000.	100.0%

Figure 7.7

This information about replacement costs is presented below as a barchart.

10,000 OI

10 (x 1,000)

Dollars

Full Asset Report

Figure 8.7

2.2.8Hardware

Asset	Replacement Cost	Percentage of Total
HARD	$25,000.	100.0%

Figure 7.8

This information about replacement costs is presented below as a barchart.

25,000 HARD

100

125

150

175

200

225

250 (x 100)

Dollars

Figure 8.8

2.2.9Office Equipment

Asset	Replacement Cost	Percentage of Total
QWE	$7,500.	60.0%
QWE	$5,000.	40.0%

Figure 7.9

This information about replacement costs is presented below as a barchart.

7,500

QWE

5,000

QWE

7 (x 1,000)

Dollars

Figure 8.9

The percentage of the total replacement cost for this category that is contributed by each asset is indicated in the following diagram.

Full Asset Report

QWE (40.0%)

QWE (60.0%)

Figure 9.9

2.2.10Personnel

Asset	Replacement Cost	Percentage of Total
PERS	$2,000.	100.0%

Figure 7.10

This information about replacement costs is presented below as a barchart.

2,000 PERS

100

125

150

175

200 (x 10)

Dollars

Figure 8.10

2.2.11System Software

Asset	Replacement Cost	Percentage of Total
HELPMEPLEASE	$7,500.	100.0%
Figure 7.11

This information about replacement costs is presented below as a barchart.

7,500 ELPM EPLEASE

7 (x 1,000)

Dollars

Full Asset Report

Figure 8.11

2.2.12Utilities

Asset	Replacement Cost	Percentage of Total
42	$0.	0.0%
42	$0.	0.0%

Figure 7.12

Full Threat Report

3.2 INCIDENTS INVOLVING EACH THREAT

Each Incident is defined as triple of the form <threat, loss category, asset category> . By doing things this way it is possible to separate the various forms of loss that a given threat may cause to the enterprise as the result of acting on the same asset category.

The sections below look at each threat and indicate the various incidents that were associated with it in the analysis. For each incident, a table is presented (FIGURES 13.1, 13.2, ...) indicating its SLE and ALE (where the ALE is generated by multiplying the SLE for the incident by the AFE of the threat). The overall ALE for a threat is the sum of the ALEs for each of the associated incidents. This is shown as the total of the third column. The percentage of this total represented by the ALE for each incident is indicated in the fourth column.

Also shown for each threat is a barchart that provides a visual presentation of the relative magnitudes of the ALE for each incident. These are shown as FIGURES 14.1, 14.2, ....

Piecharts are then also provided that indicate the percentage of each threat ALE that is accounted for by each incident that is used in its calculation.

3.2.1Blackmail - AFE: 0.05

The various incident classes associated with this threat are shown in the following table:

Incident Class	SLE	ALE	% of total ALE
Direct Loss, Personnel	$20.	$1.	0.0%
Figure 13.1

Direct, Personnel

Dollars

Figure

16.1Blackmail - SLE's

3.2.2Budget Loss - AFE: 0.50

The various incident classes associated with this threat are shown in the following table:

Incident Class	SLE	ALE	% of total ALE
Disclosure, Databases	$25,000.	$12,500.	100.0%
Figure 13.2

												12,500
												12,500


Disclosure, Databases


1	2	3	4	5	6	7	8	9	10	11 12 (x 1,000)
						Dollars
								Figure 14.2			Budget Loss - ALE's

Full Threat Report					2
						25,000



Disclosure, Databases
Disclosure, Databases
25	50	75 100 125 150 175 200			225 250 (x 100)
			Dollars
				Figure 16.2	Budget Loss - SLE's

3.2.3Cold/Frost/Snow - AFE: 5.00

The various incident classes associated with this threat are shown in the following table:

Incident Class	SLE	ALE	% of total ALE
Disclosure, Databases	$12,500.	$62,500.	100.0%
Figure 13.3

					62,500
					62,500

Disclosure, Databases
Disclosure, Databases
5	10 15 20 25 30 35 40 45 50			55 60 (x 1,000)
		Dollars
			Figure 14.3	Cold/Frost/Snow - ALE's

											12,500
											12,500

Disclosure, Databases
Disclosure, Databases
1	2	3	4	5	6	7	8	9	10	11 12 (x 1,000)
						Dollars
							Figure 16.3			Cold/Frost/Snow - SLE's

3.2.4Data Destruction - AFE: 20.00

The various incident classes associated with this threat are shown in the following table:

Incident Class	SLE	ALE	% of total ALE
Disclosure, Databases	$250,000.	$5,000,000.	98.9%
Direct Loss, Databases	$2,751.	$55,027.	1.1%

Figure 13.4

5,000,000 Disclosure, Databases

50 (x 100,000)

Dollars

Full Threat Report	3
		55,027



Direct, Databases
Direct, Databases
5 10 15 20 25 30 35 40 45 50	55 (x 1,000)

Dollars

Figure 14.4 Data Destruction - ALE's

Direct, Databases (1.1%)

Disclosure, Databases (98.9%)

Figure 15.4 Data Destruction - ALE's

														250,000
														250,000


Disclosure, Databases
Disclosure, Databases
	25	50	75	100	125		150	175	200	225		250 (x 1,000)
							Dollars
													2,751



Direct, Databases


25	50	75	100	125	150		175	200	225	250	275 (x 10)
					Dollars
						Figure 16.4			Data Destruction - SLE's

3.2.5 Data Disclosure - AFE: 3.00

Full Threat Report

The various incident classes associated with this threat are shown in the following table:

Incident Class	SLE	ALE	% of total ALE
Disclosure, Databases	$1,938.	$5,813.	100.0%
Figure 13.5

5,813 Disclosure, Databases

55 (x 100)

Dollars

Figure 14.5 Data Disclosure - ALE's

1,938

Disclosure, Databases

25 50 75 100 125 150 175 (x 10)

Dollars

Figure 16.5 Data Disclosure - SLE's

3.2.6Data Integrity Loss - AFE: 3.00

The various incident classes associated with this threat are shown in the following table:

Incident Class		SLE	ALE	% of total ALE
Direct Loss, Accounts Receivable		$5,526.	$16,576.	27.8%
Direct Loss, Applications		$5,507.	$16,523.	27.7%
Disclosure, Personnel		$4,500.	$13,500.	22.7%
Direct Loss, Communications Software		$2,723.	$8,171.	13.7%
Direct Loss, System Software		$817.	$2,451.	4.1%
Direct Loss, Databases		$640.	$1,921.	3.2%
Direct Loss, Accounts Payable		$147.	$443.	0.7%	Disclosure,
Databases	$0.	$0.	0.0%

Figure 13.6

Direct, Accts Rec

Direct, Applicatns

Disclosure, Personnel

Direct, Comms S/W

Direct, System S/W

Direct, Databases

					16,576
					16,523
					13,500
					8,171
					2,451
					1,921
25	50	75	100	125	150 (x 100)
			Dollars

<<< < Предыдущая 1 2 34 / 84 5 6 7 8 > Следующая >>>

Соседние файлы в папке лаба_10

#
27.10.2025855.24 Кб2лаб_10_13_1.docx
#
27.10.20251.65 Mб2лаб_10_13_2.pdf
#
27.10.20251.65 Mб2лаб_10_13_4.docx
#
27.10.20251.07 Mб2лаб_10_14_2.docx
#
27.10.2025854.84 Кб2лаб_10_14_3.docx
#
27.10.20251.01 Mб2лаб_10_14_4.pdf
#
27.10.2025941.09 Кб2лаб_10_15_1.docx
#
27.10.2025969.62 Кб2лаб_10_15_2.pdf
#
27.10.20251.46 Mб2лаб_10_15_3.docx
#
27.10.20251.57 Mб2лаб_10_15_4.docx
#
27.10.20251.25 Mб2лаб_10_16_2.pdf