Scribd
Upload
994 views10 pages

Lab Risk Analysis Answer Key

Lab Risk Analysis Answer Key for risks analysis

Uploaded by

Marcos Souza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
994 views10 pages

Lab Risk Analysis Answer Key

Lab Risk Analysis Answer Key for risks analysis

Uploaded by

Marcos Souza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

Lab - Risk Analysis

Objectives
Part 1: Use Risk Analysis Methods
Part 2: Calculate Risks

Background / Scenario
A risk analysis determines possible vulnerabilities and threats, their likelihood and consequences, and the
tolerances for such events. The results of this process may be expressed by using a quantitative method or a
qualitative method. Quantitative risk analysis involves calculations to assign a value to a potential vulnerability
or threat. This option works best when dealing with tangible assets such as buildings, computers, or
inventory. Qualitative risk analysis assigns a level used to prioritize potential risk so organizations can take a
logical approach to address the most critical threats. This method works best for intangible assets such as
intellectual property, company reputation, or accounts receivable.

Required Resources
PC or mobile device with internet access

Instructions

Part 1: Use Risk Analysis Methods


Quantitative Risk
Quantitative risk analysis is the process of objectively determining the impact of an event by using metrics
and models. A quantitative analysis relies on historical information and trends to predict future performance.
The result of the analysis is a value.
Calculating the annualized loss expectancy (ALE) is a common method to estimate the decrease in value or
capability of an asset after an adverse event occurs.

Step 1: Calculate the Asset Value.


In this step, you will demonstrate how to calculate the asset value.
Initial Cost of the Asset
The asset value is the total expenditure it takes to replace an asset. For example, the total value of an asset
may include purchasing and licensing or developing along with maintenance and support costs. In this
example, the organization's customer database server cost approximately $20,000. This includes the
hardware, software, and configuration.
Organizational Value
An intangible value is more difficult to calculate because it may include the cost of creating, acquiring, and re-
creating information, and the business impact or loss if the information is lost or compromised. It can also
include liability costs. In this example, the cost to create the customer website is $40,000.
Public Value
An intangible cost that includes loss of proprietary information, or processes, or loss of business reputation.
This value is estimated at $75,000.

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 10
Lab - Risk Analysis

Questions:

What is the total asset value of the server?


Type your answers here.
Why is the intangible cost so high? Is this realistic?
Type your answers here.

Step 2: Calculate the Exposure Factor


Exposure factor is expressed as a percentage (or decimal equivalent) loss of an asset if a specific threat or
vulnerability is realized. The exposure factor is a subjective value. If the asset is completely lost, the exposure
factor would be 100% or 1. The exposure factor could be a fraction of the value such as 40% or .4, for
example.
Question:

Given an example, what is the impact on the server if the server room floods and the cost to restore the
server is $30,000?
Asset Value: $135,000
Restoration Cost: $30,000
Exposure Factor:
Type your answers here.

Step 3: Calculate the Single Loss Expectancy


Calculate the single loss expectancy (SLE) by taking the asset value and multiplying it by the exposure factor.
The result is the dollar loss that you expect due to the occurrence of a single event. A single asset can have
multiple potential threats or vulnerabilities, and a single loss expectancy can be calculated for each
occurrence.
For example, a denial-of-service attack is estimated to have a 20% or 0.2 impact or exposure factor. This
would mean the SLE is $135,000 x 0.2 = $27,000.
Estimate the SLE if a hard drive or storage unit failure occurs where the same asset value is estimated at
$135,000. This type of loss would result in an exposure factor of 0.5.
Questions:

What is the SLE?


Type your answers here.
Calculate the SLE of a Ransomware attack with an exposure facture of 100% or 1.0.
Type your answers here.

Step 4: Calculate the Annualized Rate of Occurrence


The annualized rate of occurrence (ARO) is a measure of how often an event occurs in a single year. ARO is
always expressed in an annual rating even if an incident occurs and is recorded in other time measures. In
our example, the customer database server is impacted by a DoS or DDoS attack every 120 days or 4
months on average. This means the event will occur three times in a calendar year on average, so the
DoS/DDoS attack has an ARO of 3.
a. In this scenario, calculate the ARO of a ransomware attack on the business customer database server.
On average the server experiences a ransomware attacks every 24 months or two years.
Question:

What is the ARO of a ransomware attack on the customer database server?


Type your answers here
b. In this scenario, calculate the ARO of a hardware failure with the customer database server. On average,
the server experiences hardware failures every 30 months.

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 10
Lab - Risk Analysis

Question:

What is the ARO of hardware failures with the customer database server?
Type your answers here.

Step 5: Calculate the Annualized Loss Expectancy


The annualized loss expectancy (ALE) is the product of the ARO and the SLE. To calculate the ALE, take the
SLE and multiply it by the ARO. For example, if a power outage is determined to have an SLE of $50,000.00
and an ARO of 0.5 the ALE would be $25,000.
Questions:

What is the ALE of a hardware failure with the customer database server if the SLE= $5,000 and ARO=2.5?
Type your answers here.
What is the ALE of a hacking attack with the customer database server if the SLE= $10,000 and ARO=0.5?
Type your answers here

Step 6: Calculate the Qualitative Risk Analysis


A qualitative analysis compares the impact of a threat with the probability of its occurrence and uses labels
such as low, medium, or high. The impact of an event is a measure of the loss when a threat exploits a
vulnerability. The probability is the chance that the threat event will occur.
Qualitative risk analysis examines the level of overall impact on the organization. These issues include loss of
revenue, loss of reputation, and loss of customers.

Use the tables to record the qualitative impact of the events described below.
Questions:

In the first event, the web server experiences a hard drive failure causing a loss of revenue, reputation, and
customers. This is a very high risk impact and a possible probability of occurrence.

Event 1: Web Server Hard Drive Failure

Risk Impact Matrix

Probability of
Occurrence Very Low Low Medium High Very High
Highly Probable Moderate Major Major Severe Severe
Probable Moderate Moderate Major Major Severe
Possible Minor Moderate Moderate Moderate Major
Unlikely Minor Moderate Moderate Moderate Major
Rare Minor Minor Minor Moderate Moderate
Blank Line, No additional information

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 10
Lab - Risk Analysis

In the second event, a denial-of service attack launches against the web server. This is a high risk impact and
a probable probability of occurrence.

Event 2: A DoS/DDoS Attack

Risk Impact Matrix

Probability of
Occurrence Very Low Low Medium High Very High
Highly Probable Moderate Major Major Severe Severe
Probable Moderate Moderate Major Major Severe
Possible Minor Moderate Moderate Moderate Major
Unlikely Minor Moderate Moderate Moderate Major
Rare Minor Minor Minor Moderate Moderate
Blank Line, No additional information

In the third event, there is a fire in the server room. This is a very high risk impact and a rare probability of
occurrence.

Event 3: Fire in the Server Room

Risk Impact Matrix

Probability of
Occurrence Very Low Low Medium High Very High
Highly Probable Moderate Major Major Severe Severe
Probable Moderate Moderate Major Major Severe
Possible Minor Moderate Moderate Moderate Major
Unlikely Minor Moderate Moderate Moderate Major
Rare Minor Minor Minor Moderate Moderate
Blank Line, No additional information

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 10
Lab - Risk Analysis

In the fourth event, credit card data has been stolen. This is a very high risk impact and an unlikely probability
of occurrence.

Event 4: Data Breach/Credit Card Data Stolen

Risk Impact Matrix

Probability of
Occurrence Very Low Low Medium High Very High
Highly Probable Moderate Major Major Severe Severe
Probable Moderate Moderate Major Major Severe
Possible Minor Moderate Moderate Moderate Major
Unlikely Minor Moderate Moderate Moderate Major
Rare Minor Minor Minor Moderate Moderate
Blank Line, No additional information

In the fifth event, there is a tornado in the area. This is a low risk impact and a rare probability of occurrence.

Event 5: Weather/Tornado

Risk Impact Matrix

Probability of Occurrence Very Low Low Medium High Very High


Highly Probable Moderate Major Major Severe Severe
Probable Moderate Moderate Major Major Severe
Possible Minor Moderate Moderate Moderate Major
Unlikely Minor Moderate Moderate Moderate Major
Rare Minor Minor Minor Moderate Moderate
Blank Line, No additional information

Part 2: Calculate Risks

Step 1: ABC Company Laptops Scenario


Question:

ABC Company owns 65 laptops. Each laptop cost $1,200. You will base your calculations on the value of one
laptop. The team identified three threats. Based on internal data, calculate the ARO, and ALE given the
information provided. Enter the missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Theft of Equipment $1200 100% (1.0) Once every 2 years Blank $600
Damage by Dropping blank 60%(0.6) Once every 5 years 0.2 $144
Malware $240 20% (0.2) Twice a year 2 blank
Total ALE for all threats blank
Blank Line, No additional information

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 10
Lab - Risk Analysis

Step 2: ABC Company Storage Area Network Scenario


Questions:

The ABC Company is performing a risk analysis for its storage area network. The total asset value is
$250,000. The team identified the three threats shown in the table. Manufacturer’s data and company records
provided the data given in the table. Enter the missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Drive Failure Blank 5% (.05) Twice a year 2 $25,000


Power Outage $250,000 100% (1.0) Once every 8 years Blank blank
DOS/DDOS Attack Blank 10% (0.1) Once every 2 years Blank Blank
Total ALE for all threats
Blank Line, No additional information

Step 3: ABC Company Database Server Threats Scenario


Question:

ABC Company spent $18,000 on a database server. Configuration and installation totaled $2,000. Complete
the risk analysis challenge table based on the four threats identified by the team at ABC. Enter the missing
values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Device Failure blank 5% (.05) Once every 18 months 0.66 $666


Power Outage $20,000 100% (1.0) Once every 5 years blank $4,000
DOS/DDOS Attack $3,000 15% (0.15) Once every 4 years 0.25 blank
Theft of Information blank 40% (0.4) Once every 2 years blank blank
Configuration Mistakes blank 1% (0.01) Once a month blank Blank
Total ALE for all threats Blank
Blank Line, No additional information

Step 4: ABC Company Point-of-Sale System Challenge Scenario


Question:

ABC Company spent $10,000 on their remote point-of-sale system. Configuration and installation totaled
$5,000. Complete the table based on the four threats identified by the team at ABC. Enter the missing values
in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Theft of Equipment blank 100% (1.0) Once every 5 years 0.2 blank
Equipment Failure $1,500 10% (0.1) Twice a year blank blank
Ransomware blank 20% (.2) Once every 10 years blank blank
Data Breach $6,000 40% (0.4) Once every 5 years 0.2 Blank
Total ALE for all threats Blank
Blank Line, No additional information

Step 5: ABC Company Private Cloud Facility Challenge Scenario


Question:

BC Company spent $500,000 on the development and purchase of a private cloud facility. Configuration and
installation totaled $50,000 and the programming and application development cost another $450,000.

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 6 of 10
Lab - Risk Analysis

Complete the Risk analysis Challenge table based on the four threats identified by the team at ABC. Enter the
missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Power Outage blank 50% (0.5) Once every 5 years blank $100,000
DOS/DDOS Attack blank 40% (0.4) Once every 2 years blank $200,000
Data Breach blank 40% (0.4) Once every 10 years blank blank
Flood blank 100% (1.0) Once every 20 years blank Blank
Total ALE for all threats Blank
Blank Line, No additional information

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 7 of 10
Lab - Risk Analysis

Answer Key
Part 1: Use Risk Analysis Methods

Step 1: Calculate the Asset Value


What is the total asset value of the server?
The server’s tangible and intangible value is approximately $135,000.
Why is the intangible cost so high? Is this realistic?
Consider the value of an organization’s reputation. The reputation of a business is very difficult to
build and maintain. Damage to the reputation can be very costly and permanent. So - yes, this
valuation is realistic.

Step 2: Calculate the Exposure Factor


Given an example, what is the impact on the server if the server room floods and the cost to restore the
server is $30,000?
Asset Value: $135,000
Restoration Cost: $30,000
Exposure Factor:
Exposure factor is 30,000 / 135,000 = 22% or 0.22

Step 3: Calculate the Single Loss Expectancy


What is the SLE?
SLE equals 135,000 x 0.5 = $67,500
Calculate the SLE of a Ransomware attack with an exposure facture of 100% or 1.0.
SLE equals 135,000 x 1.0 = $135.000

Step 4: Calculate the Annualized Rate of Occurrence


What is the ARO of a ransomware attack on the customer database server?
If the event occurs every twenty-four months, the ARO would be 12 / 24 = 0.5.
What is the ARO of hardware failures with the customer database server?
If the event occurs every thirty months, the ARO would be 12 / 30 = 0.4.

Step 5: Calculate the Annualized Loss Expectancy


What is the ALE of a hardware failure with the customer database server if the SLE= $5,000 and ARO=2.5?
Answer: ALE = 5000 x 2.5 = 12500
What is the ALE of a hacking attack with the customer database server if the SLE= $10,000 and ARO=0.5?
Answer: ALE = 10,000 x 0.5 = 5,000

Step 6: Qualitative Risk Analysis


In the first event, the web server experiences a hard drive failure causing a loss of revenue, reputation, and
customers. This is a very high risk impact and a possible probability of occurrence.
The correct answer is Major.

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 8 of 10
Lab - Risk Analysis

In the second event, a denial-of service attack launches against the web server. This is a high risk impact and
a probable probability of occurrence.
The correct answer is Major.
In the third event, there is a fire in the server room. This is a very high risk impact and a rare probability of
occurrence.
The correct answer is Moderate.
In the fourth event, credit card data has been stolen. This is a very high risk impact and an unlikely probability
of occurrence.
The correct answer is Major.
In the fifth event, there is a tornado in the area. This is a low risk impact and a rare probability of occurrence.
The correct answer is Minor.

Part 2: Calculate Risks

Step 1: ABC Company Laptops Scenario


ABC Company owns 65 laptops. Each laptop cost $1,200. You will base your calculations on the value of one
laptop. The team identified three threats. Based on internal data, calculate the ARO, and ALE given the
information provided. Enter the missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Theft of Equipment $1200 100% (1.0) Once every 2 years 0.5 $600
Damage by Dropping $720 60%(0.6) Once every 5 years 0.2 $144
Malware $240 20% (0.2) Twice a year 2 $480
Total ALE for all threats $1,224
Blank Line, No additional information

Step 2: ABC Company Storage Area Network Scenario


The ABC Company is performing a risk analysis for its storage area network. The total asset value is
$250,000. The team identified the three threats shown in the table. Manufacturer’s data and company records
provided the data given in the table. Enter the missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Drive Failure $12,500 5% (0.05) Twice a year 2 $25,000


Power Outage $250,000 100% (1.0) Once every 8 years 0.125 $31,250
DOS/DDOS Attack $25,000 10% (0.1) Once every 2 years 0.5 $12,500
Total ALE for all threats $68,750
Blank Line, No additional information

Step 3: ABC Company Database Server Threats Scenario


ABC Company spent $18,000 on a database server. Configuration and installation totaled $2,000. Complete
the risk analysis challenge table based on the four threats identified by the team at ABC. Enter the missing
values in the table.

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 9 of 10
Lab - Risk Analysis

Threat Event SLE EF Rate of Occurrence ARO ALE

Device Failure $1,000 5% (.05) Once every 18 months 0.66 $666


Power Outage $20,000 100% (1.0) Once every 5 years 0.2 $4,000
DOS/DDOS Attack $3,000 15% (0.15) Once every 4 years 0.25 $750
Theft of Information $8,000 40% (0.4) Once every 2 years 0.5 $4,000
Configuration Mistakes $200 1% (0.01) Once a month 12 $2,400
Total ALE for all threats $11,816
Blank Line, No additional information

Step 4: ABC Company Point-of-Sale System Challenge Scenario


ABC Company spent $10,000 on their remote point-of-sale system. Configuration and installation totaled
$5,000. Complete the table based on the four threats identified by the team at ABC. Enter the missing values
in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Theft of Equipment $15,000 100% (1.0) Once every 5 years 0.2 $3,000
Equipment Failure $1,500 10% (0.1) Twice a year 2 $3,000
Ransomware $3,000 20% (0.2) Once every 10 years 0.1 $300
Data Breach $6,000 40% (0.4) Once every 5 years 0.2 $1,200
Total ALE for all threats $7,500
Blank Line, No additional information

Step 5: ABC Company Private Cloud Facility Challenge Scenario


BC Company spent $500,000 on the development and purchase of a private cloud facility. Configuration and
installation totaled $50,000 and the programming and application development cost another $450,000.
Complete the Risk analysis Challenge table based on the four threats identified by the team at ABC. Enter the
missing values in the table.

Threat Event SLE EF Rate of Occurrence ARO ALE

Power Outage $500,000 50% (0.5) Once every 5 years .2 $100,000


DOS/DDOS Attack $400,000 40% (0.4) Once every 2 years .5 $200,000
Data Breach $400,000 40% (0.4) Once every 10 years .1 $40,000
Flood $1,000,000 100% (1.0) Once every 20 years .05 $50,000
Total ALE for all threats $390,000
Blank Line, No additional information
End of document

© 2021 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 10 of 10

You might also like