$1.$ Consider this approach: Risk $=($cost of a security breach$)*($likelihood it will occur$).$

The numbers do not matter $$ simply think of a number from $1$ to $10$ that represents the cost of a security breach $(1=$ not important, $10=$ we will lose lots of money$),$ and a number from $1$ to $10$ that represents the likelihood that it will occur $(1=$ not that likely, $10=$ it has happened plenty of times before and will likely happen again$).$

This approach to security is often called practical security as it focuses the time an organization spends on securing its systems and data, on technologies that are more likely to be breached.

$2.$ Use this quick calculation to determine which of the following you should spend your limited time securing:

$$ An internal file server.

$$ A web server in the DMZ that hosts company information.

$$ An internal print server.

$$ The organization$$s hardware$-$based spam filter firewall.

$3.$ Note your calculation for each system as well as your justification for the cost and likelihood values in a short memo. Submit this memo to your instructor.

$$

Rubric

$5$ Marks

Risk was calculated, and both the cost and likelihood were justified appropriately. $3-4$ Marks

Risk was calculated, but either the cost or likelihood were not justified properly. $1-2$ Marks

Risk was calculated, but neither the cost nor likelihood were justified appropriately. $0$ Marks

Risk was not calculated.

Fire Server

Web Server

Print Server

Firewall

Total $/20$