SOFTWARE ENGINEERING >C<
null Edition
ISBN: 9781323165331
Author: SOMMERVILLE
Publisher: PEARSON C
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 13, Problem 13.4E
Explanation of Solution
Threats to Mentcare System:
Mentcare system is used in many healthcare facilities and is designed for use in clinics attended by patients suffering from mental health problems and records details of their consultations and conditions.
Some of the threats to Mentcare systems are:
- Threat occurs at confidentiality of the system and its data: In the mentcare system, the confidentiality of the system and its data can disclose information to people or programs which are not authorized to have access of information.
- Threat: An unauthorized user gains access to system and makes the system unavailable.
- Control: One can control the above threat by only allowing system management from specific locations that are physically secure.
- Security: One must take care that diverse keys are available in events of emergency and key distribution must be taken care.
- Threat occurs at integrity of the system and its data: In the mentcare system, the system may damage or software and data may be corrupted programs by using these threats...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
I need help filling out the table below.....
complete the entries in the second column by specifying the security design principle thatapplies to each scenario.......
In this discussion, we will look at four alternative logical security measures that, if implemented, would boost the amount of control that the system security administrator has access to. If these measures were implemented, the amount of control that the administrator has access to would increase.
Many organisations across different industries seem to ignore architectural risk analysis. In youropinion, explain why you would support architectural risk analysis as a blueprint for any securityprogram.
Knowledge Booster
Similar questions
- Where do you fit into the process of identifying and correcting vulnerabilities in the system's defenses? What exactly would have to happen in this case?arrow_forwardExplain the overall importance of security planning in anyorganizational environment where software systems are createdor deployed.arrow_forwardWe will look at four possible logical security measures that, if adopted, would increase the amount of control available to the system security administrator.arrow_forward
- In the context of software safety, what are the key differences between deterministic and probabilistic risk assessment methods, and when is each one more appropriate?arrow_forwardthe student will do the following: • Analyze the system for potential security issues. • Identify threats and/or vulnerabilities for the given scenario. • Choose and explain steps to mitigate identified threats and/or vulnerabilities.arrow_forwardExplain the concept of Safety Integrity Levels and their significance in software safety. How are SILs determined, and what is their relationship with risk reduction?arrow_forward
- One of the difficulties with computer security is that it is often seen as an afterthought, to be integrated into a system after it has been designed rather than being considered as an essential part of the design process from the beginning. If security is an afterthought, it is important to briefly explain the implications.arrow_forwardDraft a threat model for the following situation, making sure to include all of the relevant details: A writer brings his laptop with him to the CAF-POW coffee shop so that he may take use of the free public open WiFi that is available there.?arrow_forwardThink about a scenario where a threat actor changes the extension of files to avoid it being considered for investigation. What steps will you take to ensure a proper investigation can be carried out? Also state your plan of action in the case where you found a formatted HD? How will data be stored on it? What is a slack space?arrow_forward
- Using concrete examples might help you make your point more clear. In order to be a part of the information security function, conventional personnel practises are merged with controls and integrated with information security concepts in this area.arrow_forwardRun a speedy risk assessment on your computer. Identify the resources at your disposal, the threats you face, the extent of your exposure, and the potential consequences. Under each topic, jot down the parts of your system that you think are relevant. Which major problems did you discover? How can we decrease these risks? To what extent do you want to safeguard your own system? Will you really implement the plan? Then why not?arrow_forwardAt what point in a vulnerability assessment would an attack tree be utilized? a. Vulnerability appraisal b. Risk assessment c. Risk mitigation d. Threat evaluationarrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning