Essentials of MIS (13th Edition)
ISBN: 9780134802756
Author: Kenneth C. Laudon, Jane Laudon
Publisher: PEARSON
Question
Chapter 8, Problem 9HMP
Program Plan Intro

System vulnerability:

  • When large amounts of data are kept in electronic form, they become susceptible to many threats.
  • Information systems in many locations are interconnected through communication networks.
  • Unauthorized access can occur at many access points in the network and is not limited to a single location.
  • Data flowing over networks could be accessed; valuable information could be stolen during transmission, or data could be altered without authorization.
  • Intruders launch denial-of-service attacks to disrupt website operations.
  • The Internet is more vulnerable than internal networks because it is open to everyone.

Explanation of Solution

Platform to address:

  • First platform:
    o Windows Vista Ultimate, operated by high-level administrators, has access to areas that other users do not have.
    o Core system operations are affected by the tasks of administrators.
  • Second platform:
    o The Windows server with corporate applications is the second platform.
    o The conduct of business may be affected if corporate applications are corrupted.
  • Third platform:
    o Sun Solaris with e-commerce and web servers is the third platform.
    o The internal operations are ensured to be safe and secure...

Explanation of Solution

Types of control problems:

  • The types of control problems include:
    o General controls:
      • They govern the design, security, and use of computer programs and the security of data files.
      • They are applied to all computerized applications.
      • They consist of a combination of software, hardware and manual procedures that creates an overall control environment.
        • Windows Vista Ultimate for high-level administrators.
        • Sun Solaris for e-commerce and web servers.
    o Application controls:
      • They are specific controls that are unique to each computerized application.
      • Such applications include payroll or order processing.
      • They include both manual and automated procedures that ensure authorized data processing.
      • They can be classified as input controls, output controls and processing controls...

Explanation of Solution

Risk of ignoring security vulnerabilities:

  • Information systems can face technical, environmental and organizational threats.
  • System security should be given top priority, and managers at all levels should ensure it.
  • Security awareness should be spread to all employees...
