Explanation of Solution
a.
Threats:
A threat is a thing that can cause damage to the organization, IT systems or other networks.
Example:
If the user wants to transact amount through online, he/she must provide the bank details like account number and password over the web to access an account.
Threat in above example: The details of an account may be accessed by any intruder without user’s knowledge which leads to loss of information.
Types of threats:
There are three types of threats in system security. They are as follows:
- Human error...
Explanation of Solution
b.
Safeguards:
Safeguard is a measurement by an individual or organization to protect occurrence of threats. “Encryption” is a method which acts as a safeguard that encrypt the information of the company so that others can’t access the data.
The following components used to act as a safeguard to protect the system. They are:
- IDS (Intrusion Detection System).
- Brute force attack.
- Strong password.
- Cookie.
- CCleaner.
IDS:
- Intrusion detection system (IDS) is an application software or device which is used to monitor the networks or activities of the system for unauthorized access and threats to produce the caution reports to authorized user.
- The use of an IDS program is sobering because crime rate of the security is high so that, IDS will generate many false alarms that will compromise the effectiveness.
Brute force attack:
- Brute force attack is a method to find the login cardinalities by generating all possible routes and comparing their distances...
Explanation of Solution
c.
The safeguard can be categorized into three types, they are:
- Technical safeguard
- Data safeguard
- Human safeguard
Technical safeguards:
The technical components are involved to protect the data is known as technical safeguards. Hardware and software components mostly involved in it.
Five types of technical safeguards:
The technical safeguards can be divided into five types. There are:
- Identification and authentication
- Encryption
- Firewalls
- Malware protection
- Design for secure applications
Identification and authentication:
- Identification is uniquely identifying a person with some data credentials.
- For example: username, smart card, or anything else that uniquely identify the person.
- Authentication is a process that proving the identity of the person using credentials.
- For example: Giving right password proves the username of the person.
Encryption:
- Encryption is a process to transform the plain text into cipher text to protect data from unauthorized access. The cipher key will be decrypted using a “key”.
- Note: Key is a string used to unlock a message
Firewall:
- Firewall is a computer program used protects the system from an unauthorized access. It can be used in computers, routers or special purpose networks.
- The Purpose of the firewall is to filter the network traffic coming from, analyze the packet’s type and its contents then check the packets are part of authorized network.
- Normally organizations use multiple firewalls. They are:
- Perimeter firewall – It is used to check the outside network of the organization.
- Internal firewall – check the inside network of the organization.
- Packet filtering firewall – It examines each part of the packet.
Malware:
- Set of programs which are deleting or copy the data from user’s computer is known as malware. It is created for damage the computer’s data and it is created as malicious software.
- The malware can categorize into six types. They are:
- Virus
- Trojan horses
- Worm
- Spyware
- Adware
- Ransomware
Data safeguards:
Data safeguards is a protection guard that protect the
- Data administration
- Database administration
Data administration:
- Data administration is for developing data policies and enforcing data standards.
- It is an organization level component that is responsible for maintenance of the database, formatting and providing security for the organization data.
Database administration:
- Database administration is a function that is relevant to certain database...
Explanation of Solution
d.
The discussion about “Q10-4” is how the organizations respond to the security threats:
Senior management:
Senior management is a team to manage and control security threats and risk activities.
There are two critical security function needs to be addressed in senior management they are:
- Security policy
- Risk management
Security policy:
Security policy was established by an organization and it can vary by each component. For example, security policy in database states information about customers, suppliers, and employees.
Requirements of security policies:
The following minimum requirements need to stipulate the security policy about an organization.
- Information about sensitive data and shared data which is stored by an organization.
- Details of number of employees and others have copies of data about an organization.
- Request from employees and others to change the inaccurate data stored.
Security policies need to specify the following details:
- Check whether the organization is governmental or nongovernmental.
- Whether it is private sector or public...
Explanation of Solution
e.
List of security procedures to temporary employees:
The security procedures are vary to employees and temporary employees. Temporary employees are working on certain period. An organization provide some security procedures for temporary employees they are:
- Position definition
- Limited access
- Monitoring the employee
Position definition:
- An organization should teach the job description for authorities because security threats involved in each position...
Explanation of Solution
f.
List of procedures regarding with disaster plan:
An organization should take the following actions before security incident occurs. By using these actions, the organization can take the action to reduce the further loss.
- Plan.
- Backups and recovery.
Organization should have a plan before the disaster:
- Every organization should have a plan for disaster before the incident occurs...
Want to see the full answer?
Check out a sample textbook solution
Chapter 10 Solutions
EBK USING MIS
- .NET Interactive Solving Sudoku using Grover's Algorithm We will now solve a simple problem using Grover's algorithm, for which we do not necessarily know the solution beforehand. Our problem is a 2x2 binary sudoku, which in our case has two simple rules: •No column may contain the same value twice •No row may contain the same value twice If we assign each square in our sudoku to a variable like so: 1 V V₁ V3 V2 we want our circuit to output a solution to this sudoku. Note that, while this approach of using Grover's algorithm to solve this problem is not practical (you can probably find the solution in your head!), the purpose of this example is to demonstrate the conversion of classical decision problems into oracles for Grover's algorithm. Turning the Problem into a Circuit We want to create an oracle that will help us solve this problem, and we will start by creating a circuit that identifies a correct solution, we simply need to create a classical function on a quantum circuit that…arrow_forwardNeed help with this in python!arrow_forwardNeed help with this in python!arrow_forward
- Help! How do I turn the flowchart that searches for a name in an array of names into structured and spaced pseudocode?arrow_forwardThe mail merge process has ____ steps. Question 19Select one: a. five b. six c. seven d. eightarrow_forwardIf you created a main document based on an existing document entitled "Confirmation Letter," what default filename would Word give the main document? Question 14Select one: a. Confirmation Letter-1 b. Confirmation Letter-merge c. Document1 d. MergedDocument1arrow_forward
- Click the ____ option button in the Mail Merge task pane to use an Outlook contact list as a data source for a merge. Question 11Select one: a. Use Outlook contacts list b. Select from Outlook contacts c. Select Contacts d. Mail Merge Recipientsarrow_forwardA(n) ____ cannot be selected as the document type in the Mail Merge task pane. Question 9Select one: a. Letter b. Directory c. Fax d. E-mail messagearrow_forwardConsider a Superstore Database which consists of 3 tables, Orders, Returns, and Managers. The CSV files have been provided along with this DOC file in the Midterm 2 Link in the Moodle. Answer the questions as below: Use the created table as in the provided SQL query file, solve the problems as mentioned below. You will have to import the respective CSV files of the above created tables as without them, it is impossible to solve the questions below. If you are not able to upload the files successfully, do not leave the query questions. Just write the query to the best of your knowledge. Do not copy. To be graded for the screenshot answer, you must upload the CSV properly and paste the resulting screenshot of the queries as asked. Write Query to Find out which Product Sub-Category has a sum of Shipping Cost to sum of Sales ratio > 0.03.arrow_forward
- I need to render an image of a car continuously for a smooth visual experience in C# WinForms. It gets the location array (that has all the x,y of the tiles it should visit) from another function - assume it is already written.arrow_forwardwrite c program with features: Register a Bunny: Store the bunny's name, poem, and initialize the egg count to 0. Modify an Entry: Change the bunny's poem or update the egg count. Delete a Bunny: Remove a registered bunny from the list. List All Bunnies: Display all registered bunnies and their details. Save & Load Data: Store bunny data in a file to persist between runs. Use a struct to represent a bunny contestant. Store data in a binary file (bunnies.dat) for persistence. Use file I/O functions (fopen, fwrite, fread, etc.) to manage data. Implement a menu-driven interface for user interaction.arrow_forwardHelp, how do I write the pseudocode for the findMean function and flowchart for this?arrow_forward
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning