VULNERABILITY THREAT EXPLOIT Reduce or eliminate the likelihood of the event happening. CONDITION POTENTIAL (passive element) EVENT CONSEQUENCE (loss) Reduce or eliminate the likelihood of the event happening. COUNTERMEASURE
DONT USE
B)
Calculate the probability that the system is being compromised, given that you can find a message authentication code to protect it.
provide a screenshot of your execution of BN, showing the variables that you set the evidence and the final result after the propagation of the evidence.
IN ORDER TO ANSWER THIS QUESTION please see the scnario in below:
several security issues in the new generation of surveillance systems applied to global aviation—the Automatic Dependent Surveillance-Broadcast (ADS-B) system. It mainly involves extracting and processing the aviation aircraft's position information and other additional information to form a clear and intuitive background map and trajectory.
However, ADS-B broadcasts information via open and unencrypted protocols, making it vulnerable to deliberate intrusions and attacks, which poses a significant security risk. each threat and provides solutions to mitigate the risk of the threat being a successful exploit.
Your task is to determine the overall risk to the system that is compromised if a vulnerability/weakness is successfully exploited by a threat source, given a specific condition. You can also apply a countermeasure (mitigation) that reduces or eliminates the condition (presence of vulnerability and the threat) or the event (exploitation). The following figure shows the basic idea of the process.
Figure 1 - Risk Assessment Process. please see the attached picture
Ultimately, the goal is to measure the probability of the system being compromised, considering the exploitation of a vulnerability/weakness and the presence of any countermeasure for the specific group of threats. You must find at least one exploitation to determine if the system is compromised.
While analyzing the dataset, we found that confidentiality threats impact around 30% of the system's compromise, integrity threats impact 40%, and availability threats 70%. It is important to cite that each group of threats is mutually independent, given the system's condition is compromised.
To determine the feasibility of the exploitation, we must consider two factors: harmful and difficult. Confidential and integrity threats are present 23% of the time when both factors are low. The other situation turns them 80% (confidential) and 60% (integrity). The situation changes when we have availability threats; the feasibility of exploitation for low factors is 10%, high factors are 97%, and the other combination is around 65%.
The presence of any mitigation strategy in the confidential threat group disables the threat and its exploitation in 35% of the cases. In the integrity threat groups, it is 45%, and in the availability groups, it is 85%.
Model the network using Within-Node independence when you find it.
Again no AI at all
Step by step
Solved in 2 steps