DREAD Criteria + Risk Calculation and Impact

0.0(0)
Studied by 0 people
call kaiCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/11

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 10:59 PM on 4/16/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No analytics yet

Send a link to your students to track their progress

12 Terms

1
New cards

Damage:

How bad would an attack be?

2
New cards

Reproducibility:

How easy is it to reproduce the attack?

3
New cards

Exploitability:

How much work is it to launch the attack?

4
New cards

Affected users:

How many people will be impacted?

5
New cards

Discoverability:

How easy is it to discover the threat?

6
New cards

Risk Rating

(Dai + Ri + Ei + Ai + Dii ) / 5

7
New cards

Impact =

(Damage + Affected Users)/2

8
New cards

Damage Scale

0: No damage

5: Information disclosure

8: Non-sensitive user data about individuals or employers have been compromisted

9: Non-sensitive administrative data was compromised

10: The destruction of an information system; the inaccessibility of data or applications

9
New cards

Reproducibility Scale

0: Difficult or impossible

5: Complex

10: Easy

10
New cards

Exploitability Scale

2.5: Advanced programming and networking skills

5: Available attack tools

10: Web browser

11
New cards

Affected Users Scale

0: No users

2.5: Individual user

6: Few users

8: Administrative users

10: All users

12
New cards

Discoverability Scale

0: Hard to discover the vulnerability

5: HTTP requests can uncover the vulnerability

10: Vulnerability found in the public domain