| Critical Control 2 Software | Unauthorized Software Total | Avg Days Software on Network | Threat Weight |
|---|---|---|---|
| High Threat = 5 | 3 | 1.7 | 5 |
| Medium Threat = 3 | 7 | 2.4 | 3 |
| Low Threat = 2 | 15 | 3.6 | 2 |

Boundary Defense

| Critical Control 5 | Score | Avg Days to Fix | Threat Weight |
|---|---|---|---|
| High Threat Potential = 5 | 3 | 1 | 5 |
| Medium Threat Potential = 3 | 1 | 2 | 3 |
| Low Threat Potential = 2 | 2 | 2 | 2 |

Logging Analysis

| Critical Control 6 | Score | Threat Weight |
|---|---|---|
| High Threat System = 5 | | 5 |
| Medium Threat System = 3 | | 3 |
| Low Threat System = 2 | | 2 |

| Critical Control 7 | Total Malicious Packets Found | Threat Weight |
|---|---|---|
| Application Software Security | | |

| Critical Control 9 | Total Unauthorized Account Access | Average Time to Neutralize Account (days) | Total Unauthorized Group Memberships |
|---|---|---|---|
| July | 5 | 3.6 | 2 |
| August | 4 | 2.7 | 1 |
| September | 4 | 3.5 | 4 |

| Critical Control 10 | Number of mitigated | Number of servers scanned | Threat Weight |
|---|---|---|---|
| Continuous Vulnerability Assessment and Remediation | 2 | 12 | 4.7 |

Critical Control 13
Limitation and Control of ports,
protocols, and services
| Critical Control 14 | Unauthorized Wireless Devices |
|---|---|
| Sept | 12 |
| Oct | 14 |
| Nov | 15 |

| Critical Control 15 | Insecure Workstations | Unusual activity instances | Number of authorized account access |
|---|---|---|---|
| Data Loss Prevention | 5 | 2 | 4 |

| Critical Control 16 | Internet Entry Points | Percentage of verified connections | Percentage of hosts using DNSSEC |
|---|---|---|---|
| Current | 90 | 0.90 | 0.80 |
| New | 1 | | |
| Original | 100 | | |

| Critical Control 18 | Avg Time to Detection (Hours) | Avg Time to Eradication (Hours) | Avg Time to Recovery (Hours) |
|---|---|---|---|
| Incident Response Capability | 8.1 | 4.1 | 3.2 |

Critical Control 20
Security Skills Assessment and
Training
Threat Score
16.00
10.00
15.00
Threat Level 4
Risk Score 164.00
Goal <175
Cost of Check $
Threat Level 3
Overall Risk Score
Cost of Check $
Frequency of Check
Threat Level
Overall Risk Score
Goal
Cost of Check
Frequency of Check
Threat Level
Threat Level
Overall Risk Score
Goal
Cost of Check
Frequency of Checks
Threat Level
| Boundary Defense | Score |
|---|---|
| Proxy Server | 2.8 |
| IPS | 3.7 |
| IDS | 4.1 |
| VPN | 3.2 |
| Access Points | 4.3 |

| User Access | Count |
|---|---|
| Accounts w/ Improper Privileges | 5 |
| Insecure Passwords | 8 |
| Workstation Vulnerabilities | 15 |
| Server Vulnerabilities | 5 |
| Network Device Vulnerabilities | 2 |

| Malware Found | Sept | Oct | Nov |
|---|---|---|---|
| Email | 100 | 78 | 83 |
| Web Download | 50 | 75 | 24 |
| Physically (USB/CD) | 12 | 8 | 5 |
| Other | 15 | 12 | 10 |

| Logging | Sept | Oct | Nov |
|---|---|---|---|
| % Logs Notifying Correctly | 2.3 | 1.2 | 3.3 |

[Chart placeholder: legend entries "% Data Backed up Successfully", "% Fortune Cookies Found Protected", "Avg Time to Recover (hrs)", "Avg Time to Eradicate (hrs)", "Avg Time to Detect (hrs)"; x-axis Sept, Oct, Nov]