PRINCIPLES OF INFO.SYS.(LL)>CUSTOM PKG<
12th Edition
ISBN: 9781337074674
Author: STAIR
Publisher: CENGAGE C
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 12.8, Problem 2DQ
Explanation of Solution
Threats to the
| Means | Motives | Opportunity | Effectiveness | |
| Cyber attack | Attacking hospital network for gaining unauthorized access. | To gain access to hospital network for illegal activities. | It can be considered as a threat and not an opportunity in case of a hospital network. | It is low and it occurs very rarely. |
| Hacking the data | Hacking of patient’s sensitive information regarding illness. | Hacking the sensitive information of patients such as illness details, SSN and date of birth... |
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
It is important to establish both the risk appetite and the hazards that are still present. A situation that takes place in the real world may be used to illustrate the trade-off that exists between a person's appetite for risk and their level of residual risk.
Create a risk assessment for the following scenario, being sure to include all of the pertinent information: A writer goes to the CAF-POW coffee shop with his laptop so that he may make advantage of the free public open WiFi that is offered there.
Define risk appetite and residual hazards. Real-world scenarios may demonstrate the
risk appetite-residual
risk trade-off.
Chapter 12 Solutions
PRINCIPLES OF INFO.SYS.(LL)>CUSTOM PKG<
Ch. 12.5 - Prob. 1DQCh. 12.5 - Prob. 2DQCh. 12.5 - Prob. 1CTQCh. 12.5 - Prob. 2CTQCh. 12.8 - Prob. 1DQCh. 12.8 - Prob. 2DQCh. 12.8 - Prob. 1CTQCh. 12.8 - Prob. 2CTQCh. 12 - Prob. 1SATCh. 12 - Prob. 2SAT
Ch. 12 - Prob. 3SATCh. 12 - The ______ is a key member and the leader of the...Ch. 12 - Prob. 5SATCh. 12 - Prob. 6SATCh. 12 - Prob. 7SATCh. 12 - Prob. 8SATCh. 12 - Prob. 9SATCh. 12 - Prob. 10SATCh. 12 - Feasibility analysis is typically done during...Ch. 12 - Data modeling is most often accomplished through...Ch. 12 - Prob. 13SATCh. 12 - Prob. 14SATCh. 12 - Any potential change in system requirements that...Ch. 12 - Prob. 1RQCh. 12 - Prob. 2RQCh. 12 - Prob. 3RQCh. 12 - Prob. 4RQCh. 12 - Prob. 5RQCh. 12 - Prob. 6RQCh. 12 - Prob. 7RQCh. 12 - Prob. 8RQCh. 12 - Prob. 9RQCh. 12 - Prob. 10RQCh. 12 - Prob. 11RQCh. 12 - Prob. 12RQCh. 12 - Prob. 13RQCh. 12 - Prob. 14RQCh. 12 - Prob. 15RQCh. 12 - Prob. 16RQCh. 12 - Prob. 1DQCh. 12 - Prob. 3DQCh. 12 - Prob. 5DQCh. 12 - Prob. 6DQCh. 12 - Prob. 10DQCh. 12 - Prob. 11DQCh. 12 - Prob. 1DQ1Ch. 12 - Prob. 2DQ1Ch. 12 - Prob. 1CTQ1Ch. 12 - Prob. 2CTQ1Ch. 12 - Prob. 1DQ2Ch. 12 - Prob. 2DQ2Ch. 12 - Prob. 1CTQ2Ch. 12 - Prob. 2CTQ2Ch. 12 - Prob. 1DQ3Ch. 12 - Prob. 2DQ3Ch. 12 - Prob. 1CTQ3Ch. 12 - Prob. 2CTQ3
Knowledge Booster
Similar questions
- An incident's containment strategy is defined as follows: Give an example and then explain about it in detail.arrow_forwardWhen it comes to security holes, how can we determine if an attack is passive or aggressive and act accordingly? For a number of different reasons, active assaults pose a greater threat than their passive counterparts. Your responses need to be supported by concrete examples whenever possible.arrow_forwardAssume we quantify risk in two dimensions, like probability and impact (most commonly used way). Can you give two different examples, of which risks are HIGH for both. However, one of the examples includes only 1/3 of the probability of the other example and still in HIGH risk category. Discuss with the help of examples.arrow_forward
- A zero day threat is characterized by Select one: a. Getting hit with the threat same day it is released b. Getting hit with the threat on its last day of existence. c. Getting hit with the threat that only lasts for one day d. None of thesearrow_forwardThere should be a list with brief explanations of the five risk-control approaches.arrow_forwardFirst, let's evaluate the similarities and differences between two extremes: dangers and attacks. Provide evidence to support your assertion.arrow_forward
- How can you tell the difference between a passive and an aggressive security attack? Active assaults provide a greater threat than passive ones for a number of reasons. If you make claims, back them up with evidence.arrow_forwardA list and short description of the five risk-control strategies should be provided.arrow_forwardYou are hired as a security expert for an online retailer. Currently, the company makes an annual revenue of $10,000,000. A security-risk analysis has shown that in the case of a ransomware attack on this company, the company would see an immediate loss of $1000,000. In addition, due to degraded reputation, the company's revenue would experience a drop of 10% over the next year. It is estimated that online retailers, similar to the one in question, experience 1 ransomware infection every 2 years. The company is considering the purchase of a set of security safeguards that would reduce the probability of successful ransomware infection in half. The annual cost of this set of safeguards is $200,000. It should also be noted that if implemented, the safeguards would slow down the retailer's site, and cause a revenue loss of about $50,000 a month (relative to the current revenue). Using the cost-benefit analysis approach, determine whether the company should purchase this solution. Provide…arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning