Refer to the Computers & Security (July, 2013) study of Microsoft program security issues, Exercise 2.4. Recall

Question:

Refer to the Computers & Security (July, 2013) study of Microsoft program security issues, Exercise 2.4. Recall that Microsoft periodically issues a Security Bulletin that reports the software -- Windows, Explorer, or Office — affected by the vulnerability. The study discovered that 64% of the security bulletins reported an issue with Windows, 12% with Explorer, and 24% with Office. The researchers also categorized the security bulletins according to the expected repercussion of the vulnerability. Assume the categories (and associated percentages) are Denial of service (10%), Information disclosure (15%), Remote code execution (45%), Spoofing (5%), and Privilege elevation (25%). Now consider a random sample of 10 Microsoft security bulletins.
a. How many of these sampled bulletins would you expect to report an issue with Explorer?
b. How many of these sampled bulletins would you expect to report Remote code execution as a repercussion?

c. What is the likelihood that all 10 of the bulletins report an issue with Windows?
d. What is the likelihood that there are 2 sampled bulletins reporting repercussions for each of the five types, Denial of service, Information disclosure, Remote code execution, Spoofing, and Privilege elevation?


Data from Exercise 2.4

The dominance of Microsoft in the computer software market has led to numerous malicious attacks (e.g., worms, viruses) on its programs. To help its users combat these problems, Microsoft periodically issues a Security Bulletin that reports the software affected by the vulnerability. In Computers & Security (July 2013), researchers focused on reported security issues with three Microsoft products: Office, Windows, and Explorer. In a sample of 50 security bulletins issued in 2012, 32 reported a security issue with Windows, 6 with Explorer, and 12 with Office. The researchers also categorized the security bulletins according to the expected repercussion of the vulnerability. Categories were Denial of service, Information disclosure, Remote code execution, Spoofing, and Privilege elevation. Suppose that of the 50 bulletins sampled, the following numbers of bulletins were classified into each respective category: 6, 8, 22, 3, 11. 

Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Related Book For  book-img-for-question

Statistics For Engineering And The Sciences

ISBN: 9781498728850

6th Edition

Authors: William M. Mendenhall, Terry L. Sincich

Question Posted: