Chapter 2

What Are We Trying to Prevent?


An attentive network administrator is always looking for the right strategy for information services security. You need to understand the risks you are facing, and assign resources to reduce and manage those risks. To do this correctly, one needs a quantitative security risk assessment.You write down all the potential adverse events, estimate the loss from such events, and calculate the probability of such events occurring. Multiplying the latter and then adding up the results gives a value known ...

Get Managing Cisco Network Security, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.