Accounting Information Systems (13th Edition)
13th Edition
ISBN: 9780133428537
Author: Marshall B. Romney, Paul J. Steinbart
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 6P
1.
To determine
Analyze the time-based model of security.
2.
To determine
Identify the best investment model.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.
STUDY QUESTIONS
Why is human behavior considered one of the biggest potential threats to operating system integrity?
What are the issues that need to be considered before implementing keystroke monitoring?
Describe the three ways on how an audit trail can be used to support security objectives.
Explain how poorly designed audit trail logs can actually be dysfunctional.
Why would a systems programmer create a back door if he or she has access to the program in his or her day-to-day tasks?
PROBLEMS
Problem 1:
Charles Hart, an accounts payable clerk, is an hourly employee. He never works a minute past 5 P.M. unless the overtime has been approved. Charles has recently found himself faced with some severe financial difficulties. He has been accessing the system from his home during the evening and setting up an embezzlement scheme. As his boss, what control technique(s) can be used to help detect this type of fraud?
Problem 2:
In 2002, Mr. Rollerball started Mighty Mouse,…
A group of IT experts disclosed the “internet cookies” vulnerability of your organisation in a recent online security test. Describe to your management the security concerns that “internet cookies” portend?
Chapter 8 Solutions
Accounting Information Systems (13th Edition)
Knowledge Booster
Similar questions
- List at least five threats in the process of ERP implementation (any of these steps: ERP product brand selection, module design, installation, testing, and daily operation), and propose at least 10 controls to mitigate the threats in your list. For each threat, there should be at least one proposed control. Elaborate on both the threats and controls. An answer like “Threat 1: Theft of cash. Controls: a. surprise audits; b. running petty cash.” is not sufficient. You need to explain why you think theft of cash is a threat, and how the two controls can mitigate the risk of cash theft.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (j) An attacker gained access to the company’s internal network by installing a wireless access point in a wiring closet located next to the elevators on the fourth floor of a high-rise office building that the company shared with other companies.arrow_forwardRefer to the given system flowchart, and we have discussed the control weakness and the risk associated with these control weaknesses. Based on these control weaknesses and the associated risk, what types of frauds are possible in this business environment.arrow_forward
- Scenario: IBM is a software development company and is currently working on an online cloud based Data storage management system. The system analyst collected the following system requirements from the dient. You are supposed to identify the functional and non-functional requirements. a. The system shall be operational 10 hours a day and 5 days a week. b. If the system fails, the system will be recovered back up within 45 seconds or less. c. Admin shall be able to get information about all the registered customers. d. Admin shall be able to update any change in the database.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (i)To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.arrow_forwardWhich of the following is not a way to prevent your computer from being attacked by ransomware? A. making sure your antivirus security programs are up to date B. opening all attachments from emails from unknown senders C. using secure (password protected) networks and backing up your files regularly D. not using open Wi-Fi (nonpassword, nonencrypted) in public locationsarrow_forward
- Listed here are two scenarios. For each scenario, discuss the possible damages that can occur.Suggest a preventive control.A. An intruder taps into a telecommunications device and retrieves the identifying codes andpersonal identification numbers for ATM cardholders. (The user subsequently codes thisinformation onto a magnetic coding device and places this strip on a blank bank card.)B. Because of occasional noise on a transmission line, electronic messages received are extremelygarbled.Problem # 4 (30arrow_forwardPlease answer 1, 2 and 3.arrow_forwardAs an added measure, a company has set up its network so that computers that currently log in through the central authentication system (CAS) can log in even if the network is unavailable (through a system of stored password information). This move would be most closely associated with which CIIA goals: Confidentiality and Integrity O Integrity and Availability Confidentiality and Accessibility O Confidentiality and Availabilityarrow_forward
- Alejandro reviewed the user access protocols for Ponder Products. Alejandro is concerned that the accounting system could be subject to malicious attacks on user accounts that are currently protected with a username and password. The system has the capability to send a message to a user's cell phone or email address. How could Alejandro use the messaging capabilities of the system to further protect it from attack? Enable two-factor authentication Enable fingerprint scanners Enable read-only access for all users Enable administrator access for all usersarrow_forwardAccounting 1. what measures QuickBooks software implements to prevent cybersecurity breaches.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (h) Once an attack on the company’s website was discovered, it took more than 30 minutes to determine whom to contact to initiate response actions.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Accounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,
Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
Principles of Accounting Volume 1AccountingISBN:9781947172685Author:OpenStaxPublisher:OpenStax College
Auditing: A Risk Based-Approach (MindTap Course L...AccountingISBN:9781337619455Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:Cengage Learning
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L
Principles of Accounting Volume 1
Accounting
ISBN:9781947172685
Author:OpenStax
Publisher:OpenStax College
Auditing: A Risk Based-Approach (MindTap Course L...
Accounting
ISBN:9781337619455
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:Cengage Learning