Question

1. Compare unauthorized data access with unauthorized data modification. Which do you think is the more serious issue? Explain.
2. Name and briefly describe three methods of breaching data security. Which do you think is potentially the most serious? Explain.
3. In your own words, describe how Secure Socket Layer (SSL) technology works.
4. What is disaster recovery? Can the techniques for backup and recovery be used for disaster recovery?

Answer 1

Question 1:Compare unauthorized data access with unauthorized data modification. Which do you think is the more serious issue? Explain.
Ans: Unauthorized Data Access: It means gaining access to some website, program, server or service which you are restricted to. There are various ways of getting unauthorized access like guessing the passwords, hacking the system , etc.
Unauthorized Data Modification: It means getting access to modify the restricted data. The intruder can manipulate the data and even change its destination address.
Unauthorized Data Access is a more serious issue as the intruder can directly see the restricted data and can use this data to gain profit. So, if we want security, the data first needs to be protected and restricted that nobody can access it if he is not bound to. Then, comes the picture of unauthorized data modification. So if we secure our data not to be accessed by the intruders, then automatically our data is saved from modification.

Question 2: Name and briefly describe three methods of breaching data security. Which do you think is potentially the most serious? Explain.
Ans: The three methods for breaching the security are:
1. Viruses or Malware: The intruders use some software which will be sent to the user via email. After, the user downloads that software, that can affect your computer. They can either be some malware or viruses.
2. Impersonation of an Organisation: The intruders can create a bogus email or duplicate website to get the information from the user. This is called a phishing mechanism.
3. Denial of Service Attacks: Through this attack, the intruders are capable of crashing the website. Hackers can make a website unavailable for other users by sending it waste data.
Impersonation of an Organisation is the potentially most serious as intruder has the capability to get the details which can be very confidential.

Question 3:In your own words describe how Secure Socket Layer (SSL) technology works.
Ans: SSL is a security protocol where data is sent in an encrypted way from server and client. It is used for sending confidential data. It works on the key and pair relationship where before sending the data, the authentication takes place and if the authentication passes, then data is sent to client in an encrypted way. So, there is a concept of using the public and private keys for the authentication and public key can only be decrypted with the help of private key and vice versa. After the authentication is done, the data will flow.

Question 4: What is disaster recovery? Can the techniques for backup and recovery be used for disaster recovery?
Ans: Disaster Recovery is defined as gaining access to the application, data, and resources after an outage. It may require switching of new servers until the complete data center is working properly.
Disaster Recovery is different from backup and recovery as having a copy of data will not help in keeping the system work properly. But, the keeping of data backup and recovery plans can help in disaster recovery as they are also part of making the system work properly.

Friend, That was a really nice question to answer. If you like the reply, do like it. Thanks.