1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.


Which of the following is not a source of common threats against contemporary information systems?

1. Too many users
2. Technical factors
3. Organizational factors
4. Environmental factors
5. Poor management decisions

In the multitier client/server computing environment, vulnerabilities exist at each layer and in the communications between the layers.

The act of eavesdroppers driving by buildings or parking outside and intercepting wireless network traffic is called…

1. eavesdropping.
2. war driving.
3. driving interception.
4. wireless interception.
5. Not sure

Wireless networks in many locations do not have basic protections against war driving, thereby leaving the networks susceptible to eavesdropping and transmission interceptions.

Computer viruses, worms, and Trojan horses are collectively called…

1. spyware.
2. spam.
3. groupware.
4. malware.
5. macroware.

Malicious software programs are referred to as malware and constitute major threats to corporate and private systems.

A rogue software program that attaches itself to other software programs or data files in order to be executed is called a…

1. Trojan horse.
2. worm.
3. virus.
4. spoofer.
5. spammer.

Most computer viruses deliver a “payload” that may be relatively benign or highly destructive. Viruses typically spread from computer to computer when humans send an infected e-mail or copy an infected file.

A software program that appears to be benign, but then does something other than expected is called a…

1. Trojan horse.
2. worm.
3. virus.
4. spoofer.
5. spammer.

A Trojan horse is not itself a virus because it does not replicate, but is often a way for viruses or other malicious code to be introduced into a computer system.

An independent computer program that copies itself from one computer to others over a network and operates on its own is referred to as a…

1. Trojan horse.
2. worm.
3. virus.
4. spoofer.
5. spammer.

Worms rely less on human behavior in order to spread from computer to computer than do viruses. This explains why computer worms spread much more rapidly than computer viruses.

A type of eavesdropping program that monitors information traveling over a network is known as…

1. a spoofer.
2. a sniffer.
3. spyware.
4. spam.
5. spybot.

When used legitimately, sniffers can help identify potential network trouble-spots or criminal activity on networks, but when used for criminal purposes, they can be damaging and difficult to detect.

A crime in which an imposter obtains key pieces of personal information in order to impersonate another person is known as…

1. spoofing.
2. identity theft.
3. denial of service attack.
4. fraud.
5. breach of confidentiality.

Identity theft is the fastest growing crime in the United States. Stolen information can be used to obtain credit, merchandise, or services in the name of the victim or to provide the thief with false credentials.

The act of setting up fake Web sites or sending e-mails that look like those of legitimate businesses asking users for confidential personal data is called…

1. phishing.
2. faking.
3. spotting.
4. denial of service.
5. theft.

The e-mail instructs recipients to update or confirm records by providing social security numbers, bank and credit card information, and other confidential data by responding to the e-mail or by entering the information at a bogus Web site.

The largest financial threats to business institutions come from…

1. the competition.
2. customers.
3. suppliers.
4. the government.
5. insiders.

Some of the largest disruptions to service, destruction of e-commerce sites, and diversion of customer credit data and personal information have come from insiders, once trusted employees.

A major source of errors introduced into an information system comes from…

1. suppliers.
2. customers.
3. business partners.
4. employees.
5. networks.

Employees (both end users and information systems specialists) can introduce errors by entering faulty data or by not following the proper instructions for processing data and using computer equipment.

A major problem with software is…

1. customer input.
2. supplier access.
3. presence of hidden bugs.
4. network access points.
5. business partner input.

Studies have shown that it is virtually impossible to eliminate all bugs from large programs. The main source of bugs is the complexity of decision-making code.

Which of the following pieces of government legislation was designed to protect investors from financial scandals?

1. HIPAA
2. Gramm-Leach-Bliley Act
3. Sarbanes-Oxley Act of 2002
4. ISO
5. Child Decency Act

This Act imposes responsibility on companies and their management to safeguard the integrity of the information that is used internally and released externally. The Act has had a significant impact on how information systems are structured and maintained.

The type of control associated with the accuracy and completeness of data when they enter the system is referred to as…

1. general controls.
2. input controls.
3. processing controls.
4. output controls.
5. network controls.

There are specific input controls for input authorization, data conversion, data editing, and error handling.

Which of the following is not an element of a risk assessment?

1. Value of information assets
2. Points of vulnerability
3. Likely frequency of a problem
4. Potential for damage
5. Cost of erroneous data

A risk assessment determines the level of risk to the firm if a specific activity or process is not properly controlled.

Which of the following is not an integral part of a well-formulated security policy?

1. Ranking information risks
2. Identifying acceptable security goals
3. Level of acceptable risk
4. Number of network access points
5. Identifying security goals

The chief security officer is responsible for enforcing the firm’s security policy.

Which of the following is not a method of ensuring business continuity associated with information systems?

1. Fault-tolerant systems
2. High-availability systems
3. Limiting the number of users
4. Load balancing
5. Mirroring

As companies increasingly rely on digital networks for their revenue and operations, they need to take additional steps to ensure that their systems and applications are always available.

Which of the following consists of all the policies and procedures a company uses to prevent improper system access by unauthorized outsiders?

1. Access control
2. Authentication
3. Biometric authentication
4. Firewalls
5. Spyware

To gain access to a system, a user must be authorized and authenticated. Access control is the first step to ensure that happens.

Which of the following access controls is based on the measurement of a physical or behavioral trait that makes each individual unique?

1. Intrusion Detection systems
2. Authentication
3. Biometric authentication
4. Firewalls
5. Spyware

Biometric authentication represents a promising new technology that can overcome some of the limitations of passwords for authenticating system users.

A method for encrypting data flowing over the Internet, but limited to Web documents is…

1. secure sockets layer.
2. public key infrastructure.
3. secure hypertext transfer protocol.
4. transport layer security.
5. digital certificates.

S-HTTP encrypts data flowing over the Internet from Web documents. Secure sockets layer and transport layer security encrypt all data being passed between client and server.