To cope up the network security measures with the financial restrictions in the corporate world is still a challenge. At global scenario the tradeoff between the protection of IT infrastructure and the financial boundation for any organization using IT as valuable resource is quite essential. Every organization has different security needs and different budgets for coping with that therefore whether it has to look as single objective or as multiple objectives with fault tolerant feature is a critical issue. In the present paper an attempt has been taken to optimize and analyze the effectiveness of security hardening measures considering attack tree model as base. In short we can say that the main attention in the paper is-to rectify, to describe the notations of the attack tree model and to suggest a model which may be able to quantitatively specify the possible threats as well as cost of the security control while implementing the security hardening measures.