Essentials of MIS (13th Edition)
Essentials of MIS (13th Edition)
13th Edition
ISBN: 9780134802756
Author: Kenneth C. Laudon, Jane Laudon
Publisher: PEARSON
Question
Book Icon
Chapter 8, Problem 9HMP
Program Plan Intro

System vulnerability:

  • When huge data amounts are been kept in electronic form, it becomes susceptible to many threats.
  • The information systems in many locations are been interconnected through communication networks.
  • The unauthorized access can occur at many access points in network and is not limited to single location.
  • The data flowing over networks could be accessed; valuable information could be stolen while transmission or data could be altered without authorization.
  • The denial-of-service attacks are launched by intruders to disrupt website operations.
  • Internets are vulnerable than internal networks as it is open to everyone.

Explanation of Solution

Platform to address:

  • First platform:
    • o The Windows Vista Ultimate operated by high level administrators has access to areas that other users do not have.
    • o The core system operations are affected by task of administrators.
  • Second platform:
    • o The windows server with corporate applications denotes second platform.
    • o The business conduction may be affected if corporate applications are corrupted.
  • Third platform:
    • o The Sun Solaris with e-commerce and web servers denote third platform.
    • o The internal operations are ensured to be safe and secure...

Explanation of Solution

Types of control problems:

  • The types of control problems includes:
    • o General controls:
      • It governs design, security, and use of computer programs and data file security.
      • It is applied to all computerized applications.
      • It consists of a combination of software, hardware and manual procedures that creates overall control environment.
        • Windows Vista ultimate for high level administrators.
        • Sun Solaris for e-commerce and web servers.
    • o Application controls:
      • It denotes specific controls that are unique to each computerized application.
      • It includes payroll or order processing.
      • It includes both manual as well as automated procedures that ensure authorized data processing.
      • It can be classified as input controls, output controls and processing controls...

Explanation of Solution

Risk of ignoring security vulnerabilities:

  • The technical, environmental and organizational threats can be faced by information systems.
  • The top priority should be given system security and it should be ensured by managers at all levels.
  • The security awareness should be spread to all employees...

Blurred answer
Students have asked these similar questions
Chain Link Consulting is an information technology consulting company that focuses on system security concerns. When the company's president asks you to assist her with the preparation of a presentation for a group of potential clients at a trade show meeting next month, you say "yes." First and foremost, she would like you to examine system security concerns in light of all six security levels. Afterwards, she wants you to come up with a list of methods that Chain Link might evaluate a client's security procedures in order to obtain an accurate evaluation of their level of exposure.It was her way of making the situation more intriguing by saying that it was fine to be imaginative in your ideas, but that you should avoid proposing anything that would be unlawful or immoral. Example: It might be OK to pretend as a job candidate with phony references to see whether they were being reviewed, but it would be inappropriate to steal a lock and access the computer room to check on things.Your…
Perform a literature review to study and compare security mechanisms offered by any TWO cloud computing service providers e.g. Amazon, Microsoft, Google, Alibaba, IBM, etc. Analyze extensively and write a technical report on how the selected service providers guarantee security for the clients/customers data security     Submission Technical Report. Prepare a technical report (free format) with the following structure: Introduction Details review of selected service providers – review must include all security features and mechanisms to guarantees clients/customers data security Discussion – Suggest which service provider between the two that provide better security mechanisms and features Conclusion
This week, your flooring sales and installation company client wants you to explain the different kinds of attack threats their business faces from hackers.    Write a 1- to 2-page memo or create a 1- to 2-page table that summarizes attack threats from hackers to any business, noting which are applicable to your client's business; how the vulnerabilities in a system can be exposed; and countermeasures that can mitigate against threats from attack.   Describe sniffing attacks, identify a protocol that is vulnerable to sniffing, and suggest appropriate countermeasures.   Describe session hijacking, provide an example of a specific threat from session hijacking, and recommend appropriate countermeasures for the threat.    Describe spoofing, provide an example of a specific threat from spoofing, and recommend appropriate countermeasures for the threat.    Describe poisoning attacks, provide an example of a specific threat from a poisoning attack, and recommend appropriate countermeasures…
Knowledge Booster
Background pattern image
Similar questions
SEE MORE QUESTIONS
Recommended textbooks for you
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning