
Explanation of Solution
a.
Threats:
A threat is a thing that can cause damage to the organization, IT systems or other networks.
Example:
If the user wants to transact amount through online, he/she must provide the bank details like account number and password over the web to access an account.
Threat in above example: The details of an account may be accessed by any intruder without user’s knowledge which leads to loss of information.
Types of threats:
There are three types of threats in system security. They are as follows:
- Human error...
Explanation of Solution
b.
Safeguards:
Safeguard is a measurement by an individual or organization to protect occurrence of threats. “Encryption” is a method which acts as a safeguard that encrypt the information of the company so that others can’t access the data.
The following components used to act as a safeguard to protect the system. They are:
- IDS (Intrusion Detection System).
- Brute force attack.
- Strong password.
- Cookie.
- CCleaner.
IDS:
- Intrusion detection system (IDS) is an application software or device which is used to monitor the networks or activities of the system for unauthorized access and threats to produce the caution reports to authorized user.
- The use of an IDS program is sobering because crime rate of the security is high so that, IDS will generate many false alarms that will compromise the effectiveness.
Brute force attack:
- Brute force attack is a method to find the login cardinalities by generating all possible routes and comparing their distances...
Explanation of Solution
c.
The safeguard can be categorized into three types, they are:
- Technical safeguard
- Data safeguard
- Human safeguard
Technical safeguards:
The technical components are involved to protect the data is known as technical safeguards. Hardware and software components mostly involved in it.
Five types of technical safeguards:
The technical safeguards can be divided into five types. There are:
- Identification and authentication
- Encryption
- Firewalls
- Malware protection
- Design for secure applications
Identification and authentication:
- Identification is uniquely identifying a person with some data credentials.
- For example: username, smart card, or anything else that uniquely identify the person.
- Authentication is a process that proving the identity of the person using credentials.
- For example: Giving right password proves the username of the person.
Encryption:
- Encryption is a process to transform the plain text into cipher text to protect data from unauthorized access. The cipher key will be decrypted using a “key”.
- Note: Key is a string used to unlock a message
Firewall:
- Firewall is a computer program used protects the system from an unauthorized access. It can be used in computers, routers or special purpose networks.
- The Purpose of the firewall is to filter the network traffic coming from, analyze the packet’s type and its contents then check the packets are part of authorized network.
- Normally organizations use multiple firewalls. They are:
- Perimeter firewall – It is used to check the outside network of the organization.
- Internal firewall – check the inside network of the organization.
- Packet filtering firewall – It examines each part of the packet.
Malware:
- Set of programs which are deleting or copy the data from user’s computer is known as malware. It is created for damage the computer’s data and it is created as malicious software.
- The malware can categorize into six types. They are:
- Virus
- Trojan horses
- Worm
- Spyware
- Adware
- Ransomware
Data safeguards:
Data safeguards is a protection guard that protect the
- Data administration
- Database administration
Data administration:
- Data administration is for developing data policies and enforcing data standards.
- It is an organization level component that is responsible for maintenance of the database, formatting and providing security for the organization data.
Database administration:
- Database administration is a function that is relevant to certain database...
Explanation of Solution
d.
The discussion about “Q10-4” is how the organizations respond to the security threats:
Senior management:
Senior management is a team to manage and control security threats and risk activities.
There are two critical security function needs to be addressed in senior management they are:
- Security policy
- Risk management
Security policy:
Security policy was established by an organization and it can vary by each component. For example, security policy in database states information about customers, suppliers, and employees.
Requirements of security policies:
The following minimum requirements need to stipulate the security policy about an organization.
- Information about sensitive data and shared data which is stored by an organization.
- Details of number of employees and others have copies of data about an organization.
- Request from employees and others to change the inaccurate data stored.
Security policies need to specify the following details:
- Check whether the organization is governmental or nongovernmental.
- Whether it is private sector or public...
Explanation of Solution
e.
List of security procedures to temporary employees:
The security procedures are vary to employees and temporary employees. Temporary employees are working on certain period. An organization provide some security procedures for temporary employees they are:
- Position definition
- Limited access
- Monitoring the employee
Position definition:
- An organization should teach the job description for authorities because security threats involved in each position...
Explanation of Solution
f.
List of procedures regarding with disaster plan:
An organization should take the following actions before security incident occurs. By using these actions, the organization can take the action to reduce the further loss.
- Plan.
- Backups and recovery.
Organization should have a plan before the disaster:
- Every organization should have a plan for disaster before the incident occurs...

Want to see the full answer?
Check out a sample textbook solution
Chapter 10 Solutions
EBK USING MIS
- 2:21 m Ο 21% AlmaNet WE ARE HIRING Experienced Freshers Salesforce Platform Developer APPLY NOW SEND YOUR CV: Email: hr.almanet@gmail.com Contact: +91 6264643660 Visit: www.almanet.in Locations: India, USA, UK, Vietnam (Remote & Hybrid Options Available)arrow_forwardProvide a detailed explanation of the architecture on the diagramarrow_forwardhello please explain the architecture in the diagram below. thanks youarrow_forward
- Complete the JavaScript function addPixels () to calculate the sum of pixelAmount and the given element's cssProperty value, and return the new "px" value. Ex: If helloElem's width is 150px, then calling addPixels (hello Elem, "width", 50) should return 150px + 50px = "200px". SHOW EXPECTED HTML JavaScript 1 function addPixels (element, cssProperty, pixelAmount) { 2 3 /* Your solution goes here *1 4 } 5 6 const helloElem = document.querySelector("# helloMessage"); 7 const newVal = addPixels (helloElem, "width", 50); 8 helloElem.style.setProperty("width", newVal); [arrow_forwardSolve in MATLABarrow_forwardHello please look at the attached picture. I need an detailed explanation of the architecturearrow_forward
- Information Security Risk and Vulnerability Assessment 1- Which TCP/IP protocol is used to convert the IP address to the Mac address? Explain 2-What popular switch feature allows you to create communication boundaries between systems connected to the switch3- what types of vulnerability directly related to the programmer of the software?4- Who ensures the entity implements appropriate security controls to protect an asset? Please do not use AI and add refrencearrow_forwardFind the voltage V0 across the 4K resistor using the mesh method or nodal analysis. Note: I have already simulated it and the value it should give is -1.714Varrow_forwardResolver por superposicionarrow_forward
- Describe three (3) Multiplexing techniques common for fiber optic linksarrow_forwardCould you help me to know features of the following concepts: - commercial CA - memory integrity - WMI filterarrow_forwardBriefly describe the issues involved in using ATM technology in Local Area Networksarrow_forward
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningInformation Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning




