Security Risk Assessment: Risk # Risk Risk Family
Security Risk Assessment: Risk # Risk Risk Family
Security Risk Assessment: Risk # Risk Risk Family
Vulnerability
3 There is a risk of password guessing Management
* Risk - descriptions should be some reasonable approximation of what is written above but does not need to be exact
* Reasoning - The reasoning should approximately match to the user's assessment of the liklihood and impact of a potential
* Mitigating Controls - For the purpose of this exercise we did not include mitigating controls
* Total Risk Score - Should not be less than a reasonable approximation of the liklihood x impact. For instance, if L=High and
Security Risk Assessment
Control Liklihood Impact
Notes:
nt of the liklihood and impact of a potential risk. If, for instance the liklihood and impact are marked high, the reasoning should reflect
ting controls
klihood x impact. For instance, if L=High and I=High (and no mitigating control exists) then Risk cannot equal Low
Reasoning Mitigating Controls Total Risk Score
Placeholder
The servers must be up-to-date High
Assume none
Low
Medium
High