Using MIS (10th Edition)
10th Edition
ISBN: 9780134606996
Author: David M. Kroenke, Randall J. Boyle
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 10, Problem 10.3UYK
Explanation of Solution
a.
Threats:
A threat is a thing that can cause damage to the organization, IT systems or other networks.
Example:
If the user wants to transact amount through online, he/she must provide the bank details like account number and password over the web to access an account.
Threat in above example: The details of an account may be accessed by any intruder without user’s knowledge which leads to loss of information.
Types of threats:
There are three types of threats in system security. They are as follows:
- Human error...
Explanation of Solution
b.
Safeguards:
Safeguard is a measurement by an individual or organization to protect occurrence of threats. “Encryption” is a method which acts as a safeguard that encrypt the information of the company so that others can’t access the data.
The following components used to act as a safeguard to protect the system. They are:
- IDS (Intrusion Detection System).
- Brute force attack.
- Strong password.
- Cookie.
- CCleaner.
IDS:
- Intrusion detection system (IDS) is an application software or device which is used to monitor the networks or activities of the system for unauthorized access and threats to produce the caution reports to authorized user.
- The use of an IDS program is sobering because crime rate of the security is high so that, IDS will generate many false alarms that will compromise the effectiveness.
Brute force attack:
- Brute force attack is a method to find the login cardinalities by generating all possible routes and comparing their distances...
Explanation of Solution
c.
The safeguard can be categorized into three types, they are:
- Technical safeguard
- Data safeguard
- Human safeguard
Technical safeguards:
The technical components are involved to protect the data is known as technical safeguards. Hardware and software components mostly involved in it.
Five types of technical safeguards:
The technical safeguards can be divided into five types. There are:
- Identification and authentication
- Encryption
- Firewalls
- Malware protection
- Design for secure applications
Identification and authentication:
- Identification is uniquely identifying a person with some data credentials.
- For example: username, smart card, or anything else that uniquely identify the person.
- Authentication is a process that proving the identity of the person using credentials.
- For example: Giving right password proves the username of the person.
Encryption:
- Encryption is a process to transform the plain text into cipher text to protect data from unauthorized access. The cipher key will be decrypted using a “key”.
- Note: Key is a string used to unlock a message
Firewall:
- Firewall is a computer program used protects the system from an unauthorized access. It can be used in computers, routers or special purpose networks.
- The Purpose of the firewall is to filter the network traffic coming from, analyze the packet’s type and its contents then check the packets are part of authorized network.
- Normally organizations use multiple firewalls. They are:
- Perimeter firewall – It is used to check the outside network of the organization.
- Internal firewall – check the inside network of the organization.
- Packet filtering firewall – It examines each part of the packet.
Malware:
- Set of programs which are deleting or copy the data from user’s computer is known as malware. It is created for damage the computer’s data and it is created as malicious software.
- The malware can categorize into six types. They are:
- Virus
- Trojan horses
- Worm
- Spyware
- Adware
- Ransomware
Data safeguards:
Data safeguards is a protection guard that protect the
- Data administration
- Database administration
Data administration:
- Data administration is for developing data policies and enforcing data standards.
- It is an organization level component that is responsible for maintenance of the database, formatting and providing security for the organization data.
Database administration:
- Database administration is a function that is relevant to certain database...
Explanation of Solution
d.
The discussion about “Q10-4” is how the organizations respond to the security threats:
Senior management:
Senior management is a team to manage and control security threats and risk activities.
There are two critical security function needs to be addressed in senior management they are:
- Security policy
- Risk management
Security policy:
Security policy was established by an organization and it can vary by each component. For example, security policy in database states information about customers, suppliers, and employees.
Requirements of security policies:
The following minimum requirements need to stipulate the security policy about an organization.
- Information about sensitive data and shared data which is stored by an organization.
- Details of number of employees and others have copies of data about an organization.
- Request from employees and others to change the inaccurate data stored.
Security policies need to specify the following details:
- Check whether the organization is governmental or nongovernmental.
- Whether it is private sector or public...
Explanation of Solution
e.
List of security procedures to temporary employees:
The security procedures are vary to employees and temporary employees. Temporary employees are working on certain period. An organization provide some security procedures for temporary employees they are:
- Position definition
- Limited access
- Monitoring the employee
Position definition:
- An organization should teach the job description for authorities because security threats involved in each position...
Explanation of Solution
f.
List of procedures regarding with disaster plan:
An organization should take the following actions before security incident occurs. By using these actions, the organization can take the action to reduce the further loss.
- Plan.
- Backups and recovery.
Organization should have a plan before the disaster:
- Every organization should have a plan for disaster before the incident occurs...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
I need help creating the network diagram and then revising it for the modified activity times.
Activity No.
Activity
Time (weeks)
Immediate Predecessors
1
Requirements collection
3
2
Requirements structuring
4
1
3
Process analysis
3
2
4
Data analysis
3
2
5
Logical design
50
3,4
6
Physical design
5
5
7
Implementation
6
6
c. Using the information from part b, prepare a network diagram. Identify the critical path.
Given the following Extended-BNF grammar of the basic mathematical expressions:
Show the derivation steps for the expression: ( 2 + 3 ) * 6 – 20 / ( 3 + 1 )
Draw the parsing tree of this expression.
SEE IMAGE
Chapter 10 Solutions
Using MIS (10th Edition)
Ch. 10.4 - Prob. 1NFBQCh. 10.4 - Prob. 2NFBQCh. 10.4 - Prob. 3NFBQCh. 10.4 - Prob. 4NFBQCh. 10.4 - Prob. 5NFBQCh. 10.4 - Prob. 6NFBQCh. 10.5 - Prob. 1EGDQCh. 10.5 - Prob. 2EGDQCh. 10.5 - Prob. 3EGDQCh. 10.5 - Prob. 4EGDQ
Ch. 10.5 - Prob. 5EGDQCh. 10.5 - Prob. 6EGDQCh. 10.5 - Prob. 7EGDQCh. 10.9 - Prob. 1SGDQCh. 10.9 - Prob. 2SGDQCh. 10.9 - Prob. 3SGDQCh. 10.9 - Prob. 4SGDQCh. 10.9 - Prob. 10.1ARQCh. 10.9 - Prob. 10.2ARQCh. 10.9 - Prob. 10.3ARQCh. 10.9 - Prob. 10.4ARQCh. 10.9 - Prob. 10.5ARQCh. 10.9 - Prob. 10.6ARQCh. 10.9 - Prob. 10.7ARQCh. 10.9 - Prob. 10.8ARQCh. 10.9 - Prob. 10.9ARQCh. 10 - Prob. 10.1UYKCh. 10 - Prob. 10.2UYKCh. 10 - Prob. 10.3UYKCh. 10 - Prob. 10.4CE10Ch. 10 - Prob. 10.5CE10Ch. 10 - Prob. 10.6CE10Ch. 10 - Prob. 10.7CE10Ch. 10 - Prob. 10.8CS10Ch. 10 - Prob. 10.9CS10Ch. 10 - Prob. 10.1CS10Ch. 10 - Prob. 10.11CS10Ch. 10 - Prob. 10.12CS10Ch. 10 - Prob. 10.13CS10Ch. 10 - Prob. 10.14CS10Ch. 10 - Prob. 10.15MMLCh. 10 - Prob. 10.16MML
Knowledge Booster
Similar questions
- Whentheuserenters!!,themostrecentcommandinthehistoryisexecuted.In the example above, if the user entered the command: Osh> !! The ‘ls -l’ command should be executed and echoed on user’s screen. The command should also be placed in the history buffer as the next command. Whentheuserentersasingle!followedbyanintegerN,theNthcommandin the history is executed. In the example above, if the user entered the command: Osh> ! 3 The ‘ps’ command should be executed and echoed on the user’s screen. The command should also be placed in the history buffer as the next command. Error handling: The program should also manage basic error handling. For example, if there are no commands in the history, entering !! should result in a message “No commands in history.” Also, if there is no command corresponding to the number entered with the single !, the program should output "No such command in history."arrow_forwardActivity No. Activity Time (weeks) Immediate Predecessors 1 Requirements collection 3 2 Requirements structuring 4 1 3 Process analysis 3 2 4 Data analysis 3 2 5 Logical design 50 3,4 6 Physical design 5 5 7 Implementation 6 6 c. Using the information from part b, prepare a network diagram. Identify the critical path.arrow_forward2. UNIX Shell and History Feature [20 points] This question consists of designing a C program to serve as a shell interface that accepts user commands and then executes each command in a separate process. A shell interface gives the user a prompt, after which the next command is entered. The example below illustrates the prompt osh> and the user's next command: cat prog.c. The UNIX/Linux cat command displays the contents of the file prog.c on the terminal using the UNIX/Linux cat command and your program needs to do the same. osh> cat prog.c The above can be achieved by running your shell interface as a parent process. Every time a command is entered, you create a child process by using fork(), which then executes the user's command using one of the system calls in the exec() family (as described in Chapter 3). A C program that provides the general operations of a command-line shell can be seen below. #include #include #define MAX LINE 80 /* The maximum length command */ { int…arrow_forward
- Question#2: Design and implement a Java program using Abstract Factory and Singleton design patterns. The program displays date and time in one of the following two formats: Format 1: Date: MM/DD/YYYY Time: HH:MM:SS Format 2: Date: DD-MM-YYYY Time: SS,MM,HH The following is how the program works. In the beginning, the program asks the user what display format that she wants. Then the program continuously asks the user to give one of the following commands, and performs the corresponding task. Note that the program gets the current date and time from the system clock (use the appropriate Java date and time operations for this). 'd' display current date 't': display current time 'q': quit the program. • In the program, there should be 2 product hierarchies: "DateObject” and “TimeObject”. Each hierarchy should have format and format2 described above. • Implement the factories as singletons. • Run your code and attach screenshots of the results. • Draw a UML class diagram for the program.arrow_forward#include <linux/module.h> #include <linux/kernel.h> // part 2 #include <linux/sched.h> // part 2 extra #include <linux/hash.h> #include <linux/gcd.h> #include <asm/param.h> #include <linux/jiffies.h> void print_init_PCB(void) { printk(KERN_INFO "init_task pid:%d\n", init_task.pid); printk(KERN_INFO "init_task state:%lu\n", init_task.state); printk(KERN_INFO "init_task flags:%d\n", init_task.flags); printk(KERN_INFO "init_task runtime priority:%d\n", init_task.rt_priority); printk(KERN_INFO "init_task process policy:%d\n", init_task.policy); printk(KERN_INFO "init_task task group id:%d\n", init_task.tgid); } /* This function is called when the module is loaded. */ int simple_init(void) { printk(KERN_INFO "Loading Module\n"); print_init_PCB(); printk(KERN_INFO "Golden Ration Prime = %lu\n", GOLDEN_RATIO_PRIME); printk(KERN_INFO "HZ = %d\n", HZ); printk(KERN_INFO "enter jiffies = %lu\n", jiffies); return 0; } /* This function is called when the…arrow_forwardList at least five Operating Systems you know. What is the difference between the kernel mode and the user mode for the Linux? What is the system-call? Give an example of API in OS that use the system-call. What is cache? Why the CPU has cache? What is the difference between the Static Linking and Dynamic Linking when compiling the code.arrow_forward
- In the GoF book, List interface is defined as follows: interface List { int count(); //return the current number of elements in the list Object get(int index); //return the object at the index in the list Object first(); //return the first object in the list Object last(); //return the last object in the list boolean include(Object obj); //return true is the object in the list void append(Object obj); //append the object to the end of the list void prepend(Object obj); //insert the object to the front of the list void delete(Object obj); //remove the object from the list void deleteLast(); //remove the last element of the list void deleteFirst(); //remove the first element of the list void deleteAll(); //remove all elements of the list (a) Write a class adapter to adapt Java ArrayList to GoF List interface. (b) Write a main program to test your adapters through List interface. (c) Same requirement as (a) and (b), but write an object adapter to adapt Java ArrayList to GoF List…arrow_forwardIn modern packet-switched networks, including the Internet, the source host segments long, application-layer messages (for example, an image or a music file) into smaller packets and sends the packets into the network. The receiver then reassembles the packets back into the original message. We refer to this process as message segmentation. Figure 1.27 (attached) illustrates the end-to-end transport of a message with and without message segmentation. Consider a message that is 106 bits long that is to be sent from source to destination in Figure 1.27. Suppose each link in the figure is 5 Mbps. Ignore propagation, queuing, and processing delays. a. Consider sending the message from source to destination without message segmentation. How long does it take to move the message from the source host to the first packet switch? Keeping in mind that each switch uses store-and-forward packet switching, what is the total time to move the message from source host to destination host? b. Now…arrow_forwardConsider a packet of length L that begins at end system A and travels over three links to a destination end system. These three links are connected by two packet switches. Let di, si, and Ri denote the length, propagation speed, and the transmission rate of link i, for i = 1, 2, 3. The packet switch delays each packet by dproc. Assuming no queuing delays, in terms of di, si, Ri, (i = 1, 2, 3), and L, what is the total end-to-end delay for the packet? Suppose now the packet is 1,500 bytes, the propagation speed on all three links is 2.5 * 10^8 m/s, the transmission rates of all three links are 2.5 Mbps, the packet switch processing delay is 3 msec, the length of the first link is 5,000 km, the length of the second link is 4,000 km, and the length of the last link is 1,000 km. For these values, what is the end-to-end delay?arrow_forward
- how to know the weight to data and data to weight also weight by infomraion gain in rapid miner , between this flow diagram retrieve then selecte attrbuite then set role and split data and decision tree and apply model and peformance ,please show how the operators should be connected:arrow_forwardusing rapid miner how to creat decison trea for all attribute and another one with delete one or more of them also how i know the weight of each attribute and what that mean in impact the resultarrow_forwardQ.1. Architecture performance [10 marks] Answer A certain microprocessor requires either 2, 4, or 6 machine cycles to perform various operations. ⚫ (40+g+f)% require 2 machine cycles, ⚫ (30-g) % require 4 machine cycles, and ⚫ (30-f)% require 6 machine cycles. (a) What is the average number of machine cycles per instruction for this microprocessor? Answer (b) What is the clock rate (machine cycles per second) required for this microprocessor to be a "1000 MIPS" processor? Answer (c) Suppose that 35% of the instructions require retrieving an operand from memory which needs an extra 8 machine cycles. What is the average number of machine cycles per instruction, including the instructions that fetch operands from memory?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning