Question 1: Compare unauthorized data access
with unauthorized data modification. Which do you think is the more
serious issue? Explain.
Ans: Unauthorized Data Access: It means gaining
access to some website, program, server or service that you are
restricted from. There are various ways of getting unauthorized
access, like guessing the passwords, hacking the system, etc.
Unauthorized Data Modification: It means getting access to modify
the restricted data. The intruder can manipulate the data and even
change its destination address.
Unauthorized Data Access is a more serious issue as the intruder
can directly see the restricted data and can use this data to gain
profit. So, if we want security, the data first needs to be
protected and restricted so that nobody can access it if he is not
bound to. Then comes the picture of unauthorized data
modification. So if we secure our data so that it cannot be accessed by
intruders, then automatically our data is saved from
modification.
Question 2: Name and briefly describe three
methods of breaching data security. Which do you think is
potentially the most serious? Explain.
Ans: The three methods for breaching the security
are:
1. Viruses or Malware: The intruders use some software which will
be sent to the user via email. After the user downloads that
software, it can affect your computer. It can be either some
malware or a virus.
2. Impersonation of an Organisation: The intruders can create a
bogus email or duplicate website to get the information from the
user. This is called a phishing mechanism.
3. Denial of Service Attacks: Through this attack, the intruders
are capable of crashing the website. Hackers can make a website
unavailable for other users by sending it waste data.
Impersonation of an Organisation is potentially the most serious, as
the intruder has the capability to get details which can be very
confidential.
Question 3: In your own words describe how
Secure Socket Layer (SSL) technology works.
Ans: SSL is a security protocol where data is sent
in an encrypted way from server and client. It is used for sending
confidential data. It works on the key and pair relationship where,
before sending the data, the authentication takes place, and if the
authentication passes, then data is sent to the client in an encrypted
way. So, there is a concept of using the public and private keys
for the authentication, and the public key can only be decrypted with
the help of the private key and vice versa. After the authentication is
done, the data will flow.
Question 4: What is disaster recovery? Can the
techniques for backup and recovery be used for disaster
recovery?
Ans: Disaster Recovery is defined as gaining access to the
application, data, and resources after an outage. It may require
switching of new servers until the complete data center is working
properly.
Disaster Recovery is different from backup and recovery, as having a
copy of data will not help in keeping the system working properly.
But keeping data backup and recovery plans can help in
disaster recovery, as they are also part of making the system work
properly.
Friend, that was a really nice question to answer. If you like the reply, do like it. Thanks.