Principles of Information Security (MindTap Course List)
Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
Question
Book Icon
Chapter 5, Problem 3E
Program Plan Intro

Annualized Rate Occurrence (ARO):

Annualized Rate Occurrence is the estimated frequency at which a given threat is expected to happen.

ARO can be calculated by using the following formula:

ARO=One yearFrequency of occurrence (1)

Annualized Loss Expectancy (ALE):

Annualized loss expectancy is the loss expected from the attack of a specific information asset which has been carried over for a year. It is a product of single loss expectancy and the annualized rate of occurrence.

ALE can be calculated by using the following formula:

ALE=SLE × ARO (2)

Expert Solution & Answer
Check Mark

Explanation of Solution

Calculate ARO for Programmer mistakes:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per week)” as “7” in the equation (1).

=3657=52

Hence, the ARO for programmer mistakes is “52 (approximately)”.

Calculate ARO for Loss if intellectual property:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per year)” as “365” in the equation (1).

=365365=1

Hence, the ARO for Loss if intellectual property is “1 (approximately)”.

Calculate ARO for Software Piracy:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per week)” as “7” in the equation (1).

=3657=52

Hence, the ARO for Software Piracy is “52 (approximately)”.

Calculate ARO for Theft of information (hacker):

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per quarter)” as “ 14 ” (i.e 3654 ) in the equation (1).

=36591.25=4

Hence, the ARO for Theft of information (hacker) is “4 (approximately)”.

Calculate ARO for Theft of information (employee):

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per 6 months)” as “ 12 ” (i.e 3652 ) in the equation (1).

=365182.5=2

Hence, the ARO for Theft of Theft of information (employee) is “2 (approximately)”.

Calculate ARO for Web defacement:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per months)” as “ 36512 ” in the equation (1).

=36530.417=12

Hence, the ARO for Web defacement is “12 (approximately)”.

Calculate ARO for Theft of equipment:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per year)” as “365” in the equation (1).

=365365=1

Hence, the ARO for Theft of equipment is “1 (approximately)”.

Calculate ARO for Viruses, worms, Trojan Horses:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per week)” as “7” in the equation (1).

=3657=52

Hence, the ARO for Viruses, worms, Trojan Horses is “52 (approximately)”.

Calculate ARO for Denial-of-service attacks:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per quarter)” as “ 14 ” (i.e 3654 ) in the equation (1).

=36591.25=4

Hence, the ARO for Denial-of-service attacks is “4 (approximately)”.

Calculate ARO for Earthquake:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per 20 years)” as “ 365×20 ”  in the equation (1).

=3657300=0.05

Hence, the ARO for Earthquake is “0.05 (approximately)”.

Calculate ARO for Food:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per 10 years)” as “ 365×10 ”  in the equation (1).

=3653600=0.1

Hence, the ARO for Food is “0.1 (approximately)”.

Calculate ARO for Fire:

Substitute the value of “One year” as “365” and “Frequency of occurrence (One per 10 years)” as “ 365×10 ”  in the equation (1).

=3653600=0.1

Hence, the ARO for Fire is “0.1 (approximately)”.

Calculate ALE for Programmer mistakes:

Substitute the value of “SLE” as “5000” and “ARO” as “52” in the equation (2).

       =5000×52=260000

Hence, the ALE for programmer mistakes is “260000”.

Calculate ALE for Loss if intellectual property:

Substitute the value of “SLE” as “75000” and “ARO” as “1” in the equation (2).

       =75000×1=75000

Hence, the ALE for Loss if intellectual property is “75000”.

Calculate ALE for Software Piracy:

Substitute the value of “SLE” as “500” and “ARO” as “52” in the equation (2).

       =500×52=26000

Hence, the ALE for Software Piracy is “26000”.

Calculate ALE for Theft of information(hacker):

Substitute the value of “SLE” as “2500” and “ARO” as “4” in the equation (2).

       =2500×4=10000

Hence, the ALE for Theft of information (hacker)is “10000”.

Calculate ALE for Theft of information (employee)

Substitute the value of “SLE” as “5000” and “ARO” as “2” in the equation (2).

       =5000×2=10000

Hence, the ALE for Theft of information (employee) is “10000”.

Calculate ALE for Web defacement:

Substitute the value of “SLE” as “500” and “ARO” as “12” in the equation (2).

       =500×12=6000

Hence, the ALE for Web defacement is “6000”.

Calculate ALE for Theft of equipment:

Substitute the value of “SLE” as “5000” and “ARO” as “1” in the equation (2).

       =5000×1=5000

Hence, the ALE for Theft of equipment is “6000”.

Calculate ALE for Viruses, worms, Trojan Horses:

Substitute the value of “SLE” as “1500” and “ARO” as “52” in the equation (2).

       =1500×52=78000

Hence, the ALE for Viruses, worms, Trojan Horses is “78000”.

Calculate ALE for Denial-of-service attacks:

Substitute the value of “SLE” as “2500” and “ARO” as “4” in the equation (2).

       =2500×4=10000

Hence, the ALE for Denial-of-service attacks is “10000”.

Calculate ALE for Earthquake:

Substitute the value of “SLE” as “250000” and “ARO” as “0.05” in the equation (2).

       =250000×0.05=12500

Hence, the ALE for Earthquake is “12500”.

Calculate ALE for Food:

Substitute the value of “SLE” as “250000” and “ARO” as “0.1” in the equation (2).

       =250000×0.1=25000

Hence, the ALE for Food is “25000”.

Calculate ALE for Fire:

Substitute the value of “SLE” as “500000” and “ARO” as “0.1” in the equation (2).

       =500000×0.1=50000

Hence, the ALE for Fire is “50000”.

ARO and ALE table for all the threat cost is given below:

ARO and ALE threat cost ARO ALE
Programmer mistakes 52 $260,000
Loss if intellectual property 1 $75,000
Software Piracy 52 $26,000
Theft of information(hacker) 4 $10,000
Theft of information (employee) 2 $10,000
Web defacement 12 $6,000
Theft of equipment 1 $5,000
Viruses, worms, Trojan Horses 52 $78,000
Denial-of-service attacks 4 $10,000
Earthquake 0.05 $12,500
Food 0.1 $25,000
Fire 0.1 $50,000

Want to see more full solutions like this?

Subscribe now to access step-by-step solutions to millions of textbook problems written by subject matter experts!
Students have asked these similar questions
The images I have uploaded are the part 1 to 4 and questions below are continue on the questions uploaded 5. C++ Class Template with Method Stubs #pragma once #include <iostream> #include <string> #include <stdexcept> #include <vector>   template <typename T> class HashTable { private:     struct Entry {         std::string key;         T value;         bool isOccupied;         bool isDeleted;         Entry() : key(""), value(), isOccupied(false), isDeleted(false) {}     };       Entry* table;     size_t capacity;     size_t size;     double loadFactorThreshold;           size_t customHash(const std::string& key) const {         size_t hash = 5381;         for (char c : key) {             hash = ((hash  <<  5) + hash)  +  c;         }         return hash;     }       size_t probe(const std::string& key, bool forInsert = false) const;     void resize();   public:     // Constructor     HashTable(size_t initialCapacity = 101);         // Big…
this project is NOT for graded(marks) purposes, please help me with the introduction. give me answers for the project. i will include an image explaining everything about the project.
Java Graphics (Bonus In this lab, we'll be practicing what we learned about GUIs, and Mouse events. You will need to implement the following: A GUI with a drawing panel. We can click in this panel, and you will capture those clicks as a Point (see java.awt.Point) in a PointCollection class (you need to build this). The points need to be represented by circles. Below the drawing panel, you will need 5 buttons: O о о ○ An input button to register your mouse to the drawing panel. A show button to paint the points in your collection on the drawing panel. A button to shift all the points to the left by 50 pixels. The x position of the points is not allowed to go below zero. Another button to shift all the points to the right 50 pixels. " The x position of the points cannot go further than the You can implement this GUI in any way you choose. I suggest using the BorderLayout for a panel containing the buttons, and a GridLayout to hold the drawing panel and button panels. Regardless of how…
Knowledge Booster
Background pattern image
Similar questions
SEE MORE QUESTIONS
Recommended textbooks for you
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Text book image
Information Technology Project Management
Computer Science
ISBN:9781285452340
Author:Kathy Schwalbe
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
COMPREHENSIVE MICROSOFT OFFICE 365 EXCE
Computer Science
ISBN:9780357392676
Author:FREUND, Steven
Publisher:CENGAGE L