
Operational and Organizational Security: Incident Response • Chapter 11  653

addition, there would also be the cost of replacing the server itself. If the server cost $6,000, this would increase the cost to $26,000. This would be the SLE of the risk. Multiplying the ARO and the SLE calculates how much money would need to be budgeted to handle this risk. The following formula provides the ALE:

ARO × SLE = ALE

When looking at the example of the failed server hosting an e-commerce site, this means the ALE would be:

.3 × $26,000 = $7,800

To deal with a risk, an assessment must be done on how much needs to be budgeted to handle the probability of the event occurring. The ALE provides this information, leaving you in a better position to recover from an incident when it occurs.


EXERCISE 11.03

DETERMINING THE ANNUAL LOSS EXPECTED TO OCCUR FROM RISKS

A widget manufacturer has installed new network servers, changing its network from a peer-to-peer (PTP) network to a client/server-based network. The network consists of 200 users who make an average of $20 an hour, working on 100 workstations. Previously, none of the workstations involved in the network had antivirus software installed on the machines. This was because there was no connection to the Internet, and the workstations did not have floppy disk drives or Internet connectivity, so the risk of viruses was deemed minimal. One of the new servers provides a broadband connection to the Internet, which employees can use to send and receive e-mail and surf the Internet. A manager reads in a trade magazine that other widget companies reported an 80 percent chance of viruses infecting their networks after installing T1 lines and other methods of Internet connectivity, and that it may take upwards of three hours to restore data that has been damaged or destroyed. A vendor will sell licensed copies of antivirus software for all servers and the 100 workstations at a cost of $4,700 per year. The company has asked you to determine the annual loss that can be expected from viruses, and determine if it is beneficial in terms of cost to purchase licensed copies of antivirus software.
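
The following Python sketch is an added example, not part of the book: it applies ARO × SLE = ALE to the failed-server figures above and to this exercise's figures, then compares the ALE with the yearly cost of the safeguard. The function names are hypothetical, and it assumes that the server loss before hardware replacement is $20,000 (inferred from $26,000 less $6,000), that all 200 users lose the full three hours, and that the antivirus software removes the virus loss entirely.

```python
from decimal import Decimal

def money(value):
    """Parse a currency or rate figure exactly (avoids binary float rounding)."""
    return Decimal(str(value))

def single_loss_expectancy(*loss_components):
    """SLE: total cost of one occurrence, summed over its components."""
    return sum((money(c) for c in loss_components), Decimal("0"))

def annual_loss_expectancy(aro, sle):
    """ALE = ARO x SLE. ARO is occurrences per year, so it may exceed 1."""
    aro = money(aro)
    if aro < 0 or sle < 0:
        raise ValueError("ARO and SLE must be non-negative")
    return aro * sle

def safeguard_net_benefit(ale, annual_cost, residual_ale="0"):
    """Yearly saving from a safeguard; negative means it costs more than it saves."""
    return ale - money(residual_ale) - money(annual_cost)

def failed_server_example():
    # $20,000 is inferred: the text says adding the $6,000 server gives $26,000.
    sle = single_loss_expectancy("20000", "6000")
    return sle, annual_loss_expectancy("0.3", sle)

def antivirus_exercise():
    # Assumption: all 200 users lose the full three hours at $20 per hour.
    sle = single_loss_expectancy(200 * 20 * 3)
    ale = annual_loss_expectancy("0.80", sle)
    # Assumption: the $4,700 antivirus licence removes the virus loss entirely.
    return sle, ale, safeguard_net_benefit(ale, "4700")

if __name__ == "__main__":
    sle, ale = failed_server_example()
    print(f"Failed server: SLE ${sle:,.0f}, ALE ${ale:,.0f}")
    sle, ale, benefit = antivirus_exercise()
    print(f"Virus risk:    SLE ${sle:,.0f}, ALE ${ale:,.0f}")
    verdict = "worth buying" if benefit > 0 else "not cost-effective"
    print(f"Antivirus at $4,700/year: net ${benefit:,.0f} ({verdict})")
```

Passing a non-zero `residual_ale` models a safeguard that only reduces the loss, which is the more realistic case for antivirus software.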




                                                                              www.syngress.com