![Principles of Information Security (MindTap Course List)](https://www.bartleby.com/isbn_cover_images/9781337516938/9781337516938_largeCoverImage.jpg)
Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337516938
Author: WHITMAN
Publisher: Cengage
expand_more
expand_more
format_list_bulleted
Concept explainers
Expert Solution & Answer
Chapter 8, Problem 2EDM
Explanation of Solution
Key logger software:
Key logger is software which is used to monitor and record every key that is typed on specific computer’s keyboard.
“No”, it is not ethical on Charlie’s part...
Expert Solution & Answer
![Check Mark](/static/check-mark.png)
Trending nowThis is a popular solution!
![Blurred answer](/static/blurred-answer.jpg)
Students have asked these similar questions
Suppose Charlie had installed key logger software on all company computer systems and had made a copy of Peter's encryption key. Suppose that Charlie had this done without policy authority and without anyone's knowledge, including Peter's.
Would the use of such a tool be an ethical violation on Charlie's part? Is it illegal?
Suppose that Charlie had implemented the key logger with the knowledge and approval of senior company executives, and that every employee had signed a release that acknowledged the company can record all information entered on the company systems. Two days after Peter's call, Charlie calls back to give Peter his key: "We got lucky and cracked it early." Charlie says this to preserve Peter's illusion of privacy. Is such a "little white lie" an ethical action on Charlie's part?
Review each scenario carefully and respond to each question as either (very ethical, ethical, neither ethical nor unethical, unethical, very unethical) and justify your choice.
3. A student found a loophole in the university computer’s security system that allowed him access to other students’ records. He told the system administrator about the loophole, but continued to access others’ records until the problem was corrected two weeks later.
a.The student’s action in continuing to access others’ records for two weeks was:
Charlie was just getting ready to head home when the phone rang. Caller ID showed it was Peter.
“Hi, Peter,” he said into the receiver. “Want me to start the file cracker on your spreadsheet?”
“No, thanks,” Peter answered, taking the joke well. “I remembered my passphrase. But I want to get your advice on what we need to do to make the use of encryption more effective and to get it properly licensed for the whole company. I see the value in using it for certain kinds of information, but I’m worried about forgetting a passphrase again or even worse, that someone else forgets a passphrase or leaves the company. How would we get their filesback?”
“We need to use a feature called key recovery, which is usually part of PKI software,” said Charlie. “Actually, if we invest in PKI software, we could solve that problem as well as several others.”
“OK,” said Peter. “Can you see me tomorrow at 10 o’clock to talk about this PKI solution and how we can make better use of encryption?”
(Case Study…
Chapter 8 Solutions
Principles of Information Security (MindTap Course List)
Ch. 8 - Prob. 1RQCh. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Prob. 6RQCh. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - Prob. 14RQCh. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 1ECh. 8 - Prob. 2ECh. 8 - Prob. 3ECh. 8 - Prob. 4ECh. 8 - Prob. 5ECh. 8 - Prob. 1CEDQCh. 8 - Prob. 2CEDQCh. 8 - Prob. 1EDMCh. 8 - Prob. 2EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- Consider the security weakness detected in the login and access system. Would the truth have altered anything? Is the company's loss recorded?arrow_forwardTake into consideration the recently found flaw in the system that handles authentication and access control. If this is the case, then what impact did it have on the activities that took place on a daily basis? Is there a record of the amount of money that has been lost by the company?arrow_forwardCreate a fictitious situation for the management of logins. Determine many methods of identification verification. Is the usage of passwords becoming more archaic?arrow_forward
- Provide an example of a fictitious login management situation. Different types of authentication procedures should be identified. Does the use of passwords seem to be fading away?arrow_forwardAre you able to provide an example of a particular scenario that calls for authentication? Think about the advantages and disadvantages of the different authentication techniques.arrow_forwardYou could find yourself in a discourse about security events involving access control or authentication at some point. To be more specific, how did it influence the day-to-day operations of the company? How much money does it seem like the company has thrown away?arrow_forward
- Is there any chance that authentication might help us reach our goals? Here, we'll take a look at the pros and cons of many authenticator methods and see how they stack up against one another.arrow_forwardLet us consider an application where we need to run a secure Information Management System.We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself.Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen.2. Which cryptographic mechanisms would you implement in order to protect the usernames and…arrow_forwardRespond to the following in a minimum of 175 words: Discuss a cryptography attack scenario. Choose an attack and explain how it works. Be sure to choose one that hasn’t been mentioned by another classmate. What countermeasures would you apply? How do the countermeasures you would use compare to those your classmates recommended for the attacks they chose? What do those similarities or differences tell you about fighting these types of attacks?arrow_forward
- The challenge-response paradigm of authentication needs a thorough elaboration. It's not obvious at first glance why it's safer than a password-based approach.arrow_forwardLet us consider an application where we need to run a secure Information Management System.We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself.Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen.1. Based on your knowledge in computer security, which cryptographic mechanisms would you…arrow_forwardWhat happens if the security of the information is not enforced? Where are mistakes more likely?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
![Text book image](https://www.bartleby.com/isbn_cover_images/9781337405713/9781337405713_smallCoverImage.gif)
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,