Question

In: Computer Science

Suppose a department has determined that some users have gained unauthorized access to the computing system....

  1. Suppose a department has determined that some users have gained unauthorized access to the computing system. Managers fear the intruders might intercept or even modify sensitive data on the system. Cost to reconstruct correct data is expected to be $2,000,000 with 5% likelihood per year.

One approach to addressing this problem is to install a more secure data access control problem. The cost of access control software is is $50,000 with 80% effectiveness. Here is the summary of risk and control:

  • Cost to reconstruct correct data = $2,000,000 with 5% likelihood per year
  • Effectiveness of access control software: 80%
  • Cost of access control software: $50,000

Determine the expected annual costs due to loss and controls. Also, determine whether the costs outweigh the benefits of preventing or mitigating the risks. (5 points)

Solutions

Expert Solution

ANSWER:

From the question we have

Cost to reconstruct correct data = $2,000,000 with 5% likelihood per year

The cost of access control software is $50,000 with 80% effectiveness.

Cost to reconstruct correct data = $2,000,000 with 5% likelihood per year

Hence, 5% of $ 2,000,000 = $100,000

The amount taken to reconstruct correct data = $2,000,000 - $100,000

Hence to reconstruct correct data it takes amount = $1,900,000 is expected.

From the question we know that amount taken to install access control software= $50,000

From the question we know the effectiveness is = 80% of software cost

= 80/100 * 50,000

= $40,000

Hence to reconstruct by using the access control software it will cost = $50,000 + $40,000

= $90,000 is expected.

Hence $90,000 is expected annual cost to reconstruct by using access control software.

Now we calculate the saving

We know that savings = Annual cost to reconstruct correct data - Annual cost to reconstruct correct data using access control software

Saving = $1,900,000 - $90,000 = $1,810,000

Hence the amount saved by using access control software is $1,810,000

NOTE:-- Please comment if you face any difficulty in understanding the solution. Please Please Upvote. Thank you.


Related Solutions

         21. Unauthorized Access. Ted Munice has recently been fired. He had been the...
         21. Unauthorized Access. Ted Munice has recently been fired. He had been the payroll accountant at Texas Shipping in Galveston, Texas. The systems administrator had determined that someone had logged into the payroll system twice on December 25. A forensic investigator hired by Texas Shipping questioned Ted. Ted admitted that he had logged onto the network, but denied that he had done anything while on the network. The Company wants to take legal action against Ted and...
What are system access threats? and some examples.
What are system access threats? and some examples.
The availability of cloud computing, accessing computing resources as needed through the internet, has made access...
The availability of cloud computing, accessing computing resources as needed through the internet, has made access to stored data more achievable in a mobile environment. Cloud computing resources provided by third-party vendors also make it much more affordable to store and manage your data. Using your textbook and/or internet searches research cloud computing. Using complete sentences include the following information in your document. What is cloud computing? Name three cloud storage resources available. What are the advantages of saving files...
Case Project 4-2: Configuring Preferences Users in the Engineering Department need a higher level of access...
Case Project 4-2: Configuring Preferences Users in the Engineering Department need a higher level of access on their local computers than other users do. In addition, you want to set power options on mobile computers that Engineering users use. All Engineering Department user and computer accounts are in the Engineering OU. What should you configure to meet the following criteria? • When an Engineering user signs into a computer, the user account is added to the local Administrators group on...
Suppose a network access link of 1 Mbps capacity is being shared among 10 users through...
Suppose a network access link of 1 Mbps capacity is being shared among 10 users through packet-switching and each user has 20% probability of using the link at any time. Assuming the link bandwidth is shared equally among its active users, what is the probability (in %) that each user is experiencing a bandwidth equal to or above 300 Kbps (Kilobits per second)?
1. T/F. Under non-discretionary access control, a third-party security administrator determines what users have access to...
1. T/F. Under non-discretionary access control, a third-party security administrator determines what users have access to certain network and system resources. 2. T/F. When establishing firewall rules, the most prudent configuration is to implicitly deny by blocking all traffic by default then rely on business need and justification to create new rules as exceptions. 3. T/F. By default, all virtual private network (VPN) client software encrypts network traffic. 4. T/F. Asymmetric encryption is more secure than symmetric encryption.
Tuscaloosa National Bank has two service departments, the Human Resources (HR) Department and the Computing Department....
Tuscaloosa National Bank has two service departments, the Human Resources (HR) Department and the Computing Department. The bank has two other departments that directly service customers, the Deposit Department and the Loan Department. The usage of the two service departments’ output for the year is as follows:     User of Service Provider of Service HR Computing HR 0 25 % Computing 20 % 0 Deposit 70 % 65 % Loan 10 % 10 %    The budgeted costs in the...
Tuscaloosa National Bank has two service departments, the Human Resources (HR) Department and the Computing Department....
Tuscaloosa National Bank has two service departments, the Human Resources (HR) Department and the Computing Department. The bank has two other departments that directly service customers, the Deposit Department and the Loan Department. The usage of the two service departments’ output for the year is as follows:     User of Service Provider of Service HR Computing HR 0 10 % Computing 10 % 0 Deposit 60 % 50 % Loan 30 % 40 %    The budgeted costs in the...
What are some of the ways you can apply the ‘sociological imagination’ you have gained in...
What are some of the ways you can apply the ‘sociological imagination’ you have gained in this course to help you better understand your everyday life? Discuss two or three examples where you might now look at culture differently.
End user computing------in some cases an organization’s information system (IS) is planned and centered on specific...
End user computing------in some cases an organization’s information system (IS) is planned and centered on specific goals; in other cases, technology is an afterthought to the actual business objectives. Can you think of examples of how technology has altered the way we do business today? Were those changes and implementations accomplished by understanding the goals of the business?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT