Chapter 2

What Are We Trying to Prevent?

Introduction

An attentive network administrator is always looking for the right strategy for information services security. You need to understand the risks you are facing, and assign resources to reduce and manage those risks. To do this correctly, one needs a quantitative security risk assessment.You write down all the potential adverse events, estimate the loss from such events, and calculate the probability of such events occurring. Multiplying the latter and then adding up the results gives a value known ...

Get Managing Cisco Network Security, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.