ESS.OF MIS W/MYMISLAB+MYITLAB >IC< >LL
2nd Edition
ISBN: 9781323482476
Author: LAUDON
Publisher: PEARSON C
Question
Chapter 8, Problem 1RQ
Program Plan Intro
System vulnerability:
- When huge amounts of data are kept in electronic form, they become susceptible to many threats.
- The information systems in many locations are interconnected through communication networks.
- Unauthorized access can occur at many access points in the network and is not limited to a single location.
- The data flowing over networks could be accessed; valuable information could be stolen during transmission, or data could be altered without authorization.
- Denial-of-service attacks are launched by intruders to disrupt website operations.
- The Internet is more vulnerable than internal networks as it is open to everyone.
Expert Solution
Explanation of Solution
Threats against contemporary information systems:
- The common threats against contemporary information systems are shown below:
o Technical threats:
- They include unauthorized access and the introduction of errors.
o Communications:
- They include tapping of conversations.
- Message alteration, radiation, fraud and theft.
- Denial-of-service attacks.
o Corporate systems:
- Theft of data
- Data copying
- Data alteration
- Hardware failure
- Software failure
- Power failure
- Natural disasters.
o Poor management decisions:
- Poor design of safeguards
- It causes valuable data to be lost or destroyed.
Explanation of Solution
Malware:
- Malware denotes a program that is harmful to a computer user.
- It includes viruses, worms, Trojan horses and spyware programs that gather information without user permission.
- Virus:
- o A program that would replicate itself by being copied.
- o It may initiate copying to another program, document or computer boot sector.
- Worm:
- o It denotes a virus that is self-replicating and does not alter files but resides in active memory.
- o It duplicates itself without human intervention.
- Trojan horse:
- o A program in which malicious code is contained inside data or programming that is harmless.
- o It is not a virus as it does not replicate, but it denotes a way for other malicious code to be introduced into a system.
Explanation of Solution
Security problems created by hacker:
- A hacker denotes an individual who gains unauthorized access to a computer system.
- The hacker does so by finding weaknesses in the security protections of websites and computer systems.
- A hacker threatens computer system security, steals information, damages systems and commits cyber vandalism.
- They disrupt, deface or destroy a website or information system intentionally.
Explanation of Solution
Computer crime with examples:
- A computer crime denotes any violation of criminal law that involves knowledge of computer technology for perpetration, investigation or prosecution.
- It is defined as the commission of illegal acts through the use of a computer or against a computer system.
- The examples with computers as crime targets are shown below:
- o Confidentiality breach for protected computerized data.
- o Unauthorized access to computer systems.
- o Accessing protected computers for committing fraud.
- o Accessing protected computers for causing damage intentionally.
- o Transmission of a program that causes damage to a protected computer.
- The examples with computers as instruments of crime are shown below:
- o Theft of trade secrets.
- o Schemes to defraud.
- o Using threatening mails.
- o Attempt to intercept electronic communication intentionally.
- o Illegal access of stored communications including voice mail and email.
- o Transmission of child pornography using computer.
Explanation of Solution
Identity theft and phishing:
- Identity theft denotes a crime in which pieces of personal information are obtained.
- These include a social security number, license number or credit card number, used to act on behalf of someone else.
- The information might be used for obtaining credit, merchandise or services in the name of the victim.
- It is a big problem today as the Internet has made it easy for identity thieves to use stolen information.
- The goods could be purchased online without any personal interaction.
- The e-commerce sites become sources of personal information that criminals use to establish a new identity.
- Phishing denotes setting up fake websites or sending fake mails that look like those from a legitimate business.
- It asks users for confidential personal data.
- The user may ask recipients to confirm records by providing social security numbers, credit card information and other personal details.
Explanation of Solution
Security and system reliability problems:
- Employees create financial threats to a business. These include destruction of e-commerce sites and diversion of credit data and personal information.
- Employees have access to privileged information and, in the presence of weak security procedures, they can check all personal details.
- A system compromise happens when an employee lets a coworker use the system.
- Malicious intruders may trick employees into revealing passwords by pretending to be legitimate company members.
- Faulty data could be entered by employees and can introduce errors.
- Information specialists can create software errors during the design and development of new software.
Explanation of Solution
Software defects affect system reliability and security:
- The software could fail to perform well or give erroneous results because of undetected bugs.
- A control system may fail to carry messages or allow internet access.
- The customers may be wrongly charged due to such failures.
- The business may order more inventory than it requires.
- The bugs or defects caused by incorrect designs denote major quality problems.
- The maintenance of old programs that is caused by changes in the organization, system design flaws and software complexity denotes a problem.
- Small bugs in the middle of complex programs may create serious issues in testing.