EBK ESSENTIALS OF MIS
12th Edition
ISBN: 8220101459305
Author: LAUDON
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 11CTP
Program Plan Intro
System vulnerability:
- When huge data amounts are been kept in electronic form, it becomes susceptible to many threats.
- The
information systems in many locations are been interconnected through communication networks. - The unauthorized access can occur at many access points in network and is not limited to single location.
- The data flowing over networks could be accessed; valuable information could be stolen while transmission or data could be altered without authorization.
- The denial-of-service attacks are launched by intruders to disrupt website operations.
- Internets are vulnerable than internal networks as it is open to everyone.
Explanation of Solution
Comparison of firms:
- The details of two firms that offer security outsourcing services are shown below:
- Company A:
- The company A is one of leading firm in security outsourcing services.
- The services offered by company includes:
- Customized services
- More expertise in solving security problems.
- Different methods are introduced and more security copy rights.
- It provides more security solutions.
- It has professionals with experience in security as well as technological issues...
- Company A:
Explanation of Solution
The choice of outsourcing:
- The company should outsource the computer security based on investment returns.
- It is better option to choose company B than company A.
- Company B provides quick and timely services, so that it helps company to react proactively.
- It provides more flexibility in services, even though company A provides customization, flexibility is more important...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
As a security officer, you have been requested to assist the company’s recruitment officer with the drafting of a newemployee recruitment security protocol that the organization intends to adopt for all recruitment purposes in the future. Provide a brief but comprehensive document which must cover the most important security area the organization needs to focus on when recruiting new employees.
Good morning,
I need assistance please.
https://niccs.cisa.gov/cybersecurity-career-resources/interactive-cybersecurity-career-map
A security policy is developed by senior management to assign certain responsibilities and mandate certain requirements, which are usually aligned with the agency's mission.A new policy was just created to prohibit peer-to-peer software downloads, as they are illegal and may bring malicious content to the workplace. The security officer, noticed that employees resisted the policy and chose to continue downloading peer-to-peer software. Explain how you would handle this situation. What would you do to enforce the policy?
Knowledge Booster
Similar questions
- Alert dont submitAI generated answer.arrow_forwardThe C-suites and SBOs (Small Business Owners) are planning to build a security system to identify and prevent malicious attacks posing a risk to physical loss or theft of sensitive information. Using the security system development lifecycle secSDLC, identify secSDLC phases and describe common steps for each phase.arrow_forwardWhy security architecture is needed for a firm’s security solution? Outline what is a typical firm’s security architecture.arrow_forward
- When creating a comprehensive information security strategy for your company's information system, what are the many cyber security dangers that you should be aware of and prepare for? How have you anticipated and prepared for potential cyber security issues in the near future?arrow_forwardThe work you’ve done for your clients at the flooring company has helped them realize they have not taken cybersecurity seriously enough. Now that they realize the threats from hackers are more serious than they thought, they want to learn more about how to detect intruders in their systems to try to prevent the problems from happening because of a hack. Write a 2- to 3-page summary explaining how to prevent and detect intrusion in IT systems. Describe how penetration tests provide insight on network vulnerabilities through testing network defenses, such as firewalls, honeypots, and IDS. Explain how and why hackers circumvent firewalls. Explain IDS evasion and countermeasures to IDS evasion techniques. Describe the role of webserver hacking and detection in penetration testing. Identify 3 web server architectures and provide an example of a vulnerability for each. Identify tools and techniques used to detect intrusion web servers.arrow_forwardThe school and your employer were so pleased with your outline and handout for the high school career fair that you have been asked back to present on security threats, security measures, and hacking countermeasures to the entire student body and staff of the school. Create a 10- to 12-slide media-rich presentation including detailed speaker notes about a variety of security threats and security measures and hacking countermeasures to combat the threat. In your presentation, you should: Identify 1 threat and 1 security measure or hacking countermeasure for wireless networks. Identify 1 threat and 1 security measure or hacking countermeasure for mobile networks. Identify 1 threat and 1 security measure or hacking countermeasure for OT or IoT. Identify 1 threat and 1 security measure or hacking countermeasure for cloud-based platforms. Summarize the threats, security measures, and hacking countermeasures you identified. Recommend practical methods the staff and students at the school to…arrow_forward
- Why would a security manager choose to hire an outside firm to review security operations and make recommendations for changes as well as insurance options rather than conduct the study internally? cyber securityarrow_forwardPurposeThis course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.Learning Objectives and OutcomesSuccessful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:Evaluate compliance laws relevant to the U.S. Department of Defense.Assess policy frameworks appropriate for an organization in a given scenario.Evaluate security controls and standards for the seven domains of a typical IT infrastructure.Develop DoD-compliant policies for an organization’s IT infrastructure.Required Source Information and ToolsWeb References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022. The following tools and resources will be needed to complete this…arrow_forwardPurposeThis course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.Learning Objectives and OutcomesSuccessful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:Evaluate compliance laws relevant to the U.S. Department of Defense.Assess policy frameworks appropriate for an organization in a given scenario.Evaluate security controls and standards for the seven domains of a typical IT infrastructure.Develop DoD-compliant policies for an organization’s IT infrastructure.Required Source Information and ToolsWeb References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022. The following tools and resources will be needed to complete this…arrow_forward
- What are the advantages of implementing a security awareness campaign, and how can doing so assist a firm in achieving its goals by highlighting the significance of a communication strategy?arrow_forwardcreate a process to select cybersecurity products in the market.arrow_forwardA number of authorities in the field of information technology security are of the opinion that businesses might significantly improve their levels of protection by employing individuals who have previously worked as hackers in the capacity of consultants. Is that what you consider to be the case? Is this an acceptable reason or an unacceptable one?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Fundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Fundamentals of Information SystemsComputer ScienceISBN:9781305082168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning