Pearson eText for Software Engineering -- Instant Access (Pearson+)
10th Edition
ISBN: 9780137503148
Author: Ian Sommerville
Publisher: PEARSON+
Expert Solution & Answer
Chapter 14, Problem 14.8E
Explanation of Solution
Recognition, resistance and recovery strategies:
If a user tries to move prices from one trading system to another through unauthorized access, the recognition, resistance and recovery strategies come into force to prevent it.
- With the recognition strategy, the operators of the system identify the unauthorized movement of prices, which leads to system failure. The system then sends text messages to all users, telling them that an unauthorized person is changing the prices.
- With the resistance strategy, the focus is on the critical parts of the system, as it identifies the possibility of a cyber-attack on any trading system. Because financial trading plays a vital role, it is the focus here.
- With the recovery strategy, the critical services of the system can be restored when a system failure occurs. With this, the important trading information can be restored easily...
Students have asked these similar questions
The challenge response authentication system (CRAS) is a system that utilises a question and its corresponding answer to authenticate users. This system is designed to verify the identity of users by posing a challenge question and requiring the user to provide the correct response. What is the comparative level of security offered by this authentication method in contrast to a password-based approach?
Do you believe that unauthorised individuals were responsible for the most recent security breach that included access control and authentication and was reported in the news? Is there any indication that it has had any kind of an impact on the way that day-to-day activities are carried out? How much cash has been squandered by the company?
A keylogger was used to get the password of a victim's Facebook account, and the hacker tried to extort money from the victim. The victim is informed that the contents of his emails will be abused unless he pays the money. What was the offence that was committed in violation of RA 10175? What are the ramifications? Justify your answer.
Similar questions
- The act of comparing and contrasting is utilised to analyse the distinct roles and obligations of diverse access control groups in the context of computer security.
- 1) Measures providing appropriate security, and not necessarily the maximum security that is possible, are required to be generally deployed to protect the confidentiality and integrity of personal data? a) true b) false
- First, argue for the best information security practice, whether a block cipher or stream cipher should be used to encrypt a video data file sent through the internet as part of a major, successful entertainment service. The entertainment company has a large market share, and ample resources. Secondly, argue for the most secure choice of which kind of cipher should be used for the authentication exchange between the user and the entertainment service web portal. The entertainment service is expensive to the customer, and users are wary of the misuse of their accounts. Consider the nature of the traffic and its pattern, and the nature of the keys to use.
- The password of a victim's Facebook account was obtained via the use of a keylogger, and the hacker sought to extort money from the victim as a result of the theft. The victim is informed that the contents of his emails will be exploited unless he pays the required sum of money. What was the crime that was committed in violation of RA 10175? What are the ramifications of this decision? Please provide justification for your answer.
- (1) (a) Describe various issues or challenges for password-based user authentication. (b) Explain the defence mechanism for each of these challenges/attacks.
- In the context of information security, a threat is any action or occurrence that might have a negative outcome for a computer system or application that is enabled by a vulnerability. a) Specify the many ways in which computer systems may be compromised.
- Analyze and contrast the various groups and responsibilities involved in the administration of computer security access.
- i) A bank system should include the components of the “CIA triangle”. Discuss these THREE components and their main use. ii) Make up an intrusion scenario that could happen to the bank. How does the bank prevent, detect and react to the intrusion?
- One possible approach to safeguarding data through the application of the "Principle of Confidentiality" is through the utilization of a "Cryptographic Technique." This technique involves the use of mathematical algorithms to encode and decode sensitive information, thereby rendering it unreadable to unauthorized parties. By employing such a technique, individuals and organizations can ensure that their data remains secure and protected from potential breaches or unauthorized access.
- QUESTION 5 Identify seven (7) categories of Access Controls and for each, provide an analytical evaluation of the security circumstances under which each may be appropriately applied.
- In what ways, in your opinion, must the safety of data be guaranteed both while it is being transferred and while it is being stored? Which of the following techniques has been shown to be the most successful with regard to the criterion of data integrity and user authentication?
- The challenge-response authentication mechanism is a security protocol that verifies the identity of a user attempting to access a system or service. This mechanism involves a challenge, which is a request for the user to provide a response that proves their identity. The response is typically a password or other form of authentication credential. The challenge-response mechanism is designed to prevent unauthorised access to sensitive information or resources by ensuring that only authorised users are granted access. The specific features of this approach that confer enhanced security compared to a conventional password-based methodology are not readily apparent.