Explanation of Solution
a.
Threats:
A threat is a thing that can cause damage to the organization, IT systems or other networks.
Example:
If the user wants to transact amount through online, he/she must provide the bank details like account number and password over the web to access an account.
Threat in above example: The details of an account may be accessed by any intruder without user’s knowledge which leads to loss of information.
Types of threats:
There are three types of threats in system security. They are as follows:
- Human error...
Explanation of Solution
b.
Safeguards:
Safeguard is a measurement by an individual or organization to protect occurrence of threats. “Encryption” is a method which acts as a safeguard that encrypt the information of the company so that others can’t access the data.
The following components used to act as a safeguard to protect the system. They are:
- IDS (Intrusion Detection System).
- Brute force attack.
- Strong password.
- Cookie.
- CCleaner.
IDS:
- Intrusion detection system (IDS) is an application software or device which is used to monitor the networks or activities of the system for unauthorized access and threats to produce the caution reports to authorized user.
- The use of an IDS program is sobering because crime rate of the security is high so that, IDS will generate many false alarms that will compromise the effectiveness.
Brute force attack:
- Brute force attack is a method to find the login cardinalities by generating all possible routes and comparing their distances...
Explanation of Solution
c.
The safeguard can be categorized into three types, they are:
- Technical safeguard
- Data safeguard
- Human safeguard
Technical safeguards:
The technical components are involved to protect the data is known as technical safeguards. Hardware and software components mostly involved in it.
Five types of technical safeguards:
The technical safeguards can be divided into five types. There are:
- Identification and authentication
- Encryption
- Firewalls
- Malware protection
- Design for secure applications
Identification and authentication:
- Identification is uniquely identifying a person with some data credentials.
- For example: username, smart card, or anything else that uniquely identify the person.
- Authentication is a process that proving the identity of the person using credentials.
- For example: Giving right password proves the username of the person.
Encryption:
- Encryption is a process to transform the plain text into cipher text to protect data from unauthorized access. The cipher key will be decrypted using a “key”.
- Note: Key is a string used to unlock a message
Firewall:
- Firewall is a computer program used protects the system from an unauthorized access. It can be used in computers, routers or special purpose networks.
- The Purpose of the firewall is to filter the network traffic coming from, analyze the packet’s type and its contents then check the packets are part of authorized network.
- Normally organizations use multiple firewalls. They are:
- Perimeter firewall – It is used to check the outside network of the organization.
- Internal firewall – check the inside network of the organization.
- Packet filtering firewall – It examines each part of the packet.
Malware:
- Set of programs which are deleting or copy the data from user’s computer is known as malware. It is created for damage the computer’s data and it is created as malicious software.
- The malware can categorize into six types. They are:
- Virus
- Trojan horses
- Worm
- Spyware
- Adware
- Ransomware
Data safeguards:
Data safeguards is a protection guard that protect the
- Data administration
- Database administration
Data administration:
- Data administration is for developing data policies and enforcing data standards.
- It is an organization level component that is responsible for maintenance of the database, formatting and providing security for the organization data.
Database administration:
- Database administration is a function that is relevant to certain database...
Explanation of Solution
d.
The discussion about “Q10-4” is how the organizations respond to the security threats:
Senior management:
Senior management is a team to manage and control security threats and risk activities.
There are two critical security function needs to be addressed in senior management they are:
- Security policy
- Risk management
Security policy:
Security policy was established by an organization and it can vary by each component. For example, security policy in database states information about customers, suppliers, and employees.
Requirements of security policies:
The following minimum requirements need to stipulate the security policy about an organization.
- Information about sensitive data and shared data which is stored by an organization.
- Details of number of employees and others have copies of data about an organization.
- Request from employees and others to change the inaccurate data stored.
Security policies need to specify the following details:
- Check whether the organization is governmental or nongovernmental.
- Whether it is private sector or public...
Explanation of Solution
e.
List of security procedures to temporary employees:
The security procedures are vary to employees and temporary employees. Temporary employees are working on certain period. An organization provide some security procedures for temporary employees they are:
- Position definition
- Limited access
- Monitoring the employee
Position definition:
- An organization should teach the job description for authorities because security threats involved in each position...
Explanation of Solution
f.
List of procedures regarding with disaster plan:
An organization should take the following actions before security incident occurs. By using these actions, the organization can take the action to reduce the further loss.
- Plan.
- Backups and recovery.
Organization should have a plan before the disaster:
- Every organization should have a plan for disaster before the incident occurs...
Want to see the full answer?
Check out a sample textbook solution
Chapter 10 Solutions
EBK USING MIS
- Q2) by using SHI-Tomasi detector method under the constraints shown in fig. 1 below find the corner that is usful to use in video-steganography? 10.8 ...... V...... 0.7 286 720 ke Fig.1 Threshold graph. The plain test is :Hello Ahmed the key is: 3a 2x5 5b 7c 1J 55 44 2X3 [ ] 2x3arrow_forwardusing r languagearrow_forwardWhat disadvantages are there in implicit dereferencing of pointers, but only in certain contexts?arrow_forward
- using r languagearrow_forwardWhat significant justification is there for the -> operator in C and C++?arrow_forwardMultidimensional arrays can be stored in row major order, as in C++, or in column major order, as in Fortran. Develop the access functions for both of these arrangements for three-dimensional arrays.arrow_forward
- What are the arguments for and against Java’s implicit heap storage recovery, when compared with the explicit heap storage recovery required in C++? Consider real-time systems.arrow_forward8. Name and Email AddressesWrite a program that keeps names and email addresses in a dictionary as key-value pairs. The program should display a menu that lets the user look up a person’s email address, add a new name and email address, change an existing email address, and delete an existing name and email address. The program should pickle the dictionary and save it to a file when the user exits the program. Each time the program starts, it should retrieve the dictionary from the file and unpickle it. How would the user be able to use the program?arrow_forwardPlease solve and answer the question correctly please. Thank you!!arrow_forward
- Please solve and answer the question correctly please. Thank you!!arrow_forwardW AutoSave Off File Home Insert Draw Design Assignment_1[1] - Protected... ■ Saved V > Search Layout References Mailings Review View Help QuillBot RefWorks - RCM PROTECTED VIEW Be careful-files from the Internet can contain viruses. Unless you need to edit, it's safer to stay in Protected View. Enable Editing PR Comments Viewing Share × 2. The following state transition table is a simplified model of process management, with the labels representing transitions between states of READY, RUN, BLOCKED, and NONRESIDENT. READY RUN BLOCKED NONRESIDENT READY RUN - 1 - 5 BLOCKED 2 4 3 - 6 Give an example of an event that can cause each of the above transitions. Draw a diagram if that helps. (5) Page 2 of 4 20 of 278 words Text Predictions: On 64 f W Focus + 170% ENG US 17:13 2025/03/24arrow_forwardI need help understanding how could I got the IP Address for the Last Host on this Subnet & the Broadcast Address for this Subnetarrow_forward
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning