Chapter 10: Security and Ethical Challenges of E-Business

Size: px
Start display at page:

Download "Chapter 10: Security and Ethical Challenges of E-Business"

Transcription

1 Chapter 10: Security and Ethical Challenges of E-Business

2 Learning Objectives Identify several ethical issues in IT that affect employment, individuality, working condition, privacy, crime health etc. Identify several types of security management strategies and defenses. Propose several ways that business managers can help to lessen the harmful effects and increase the beneficial effects of the use of IT.

3 COMPUTER CRIME IN E- BUSINESS Defined by Association of Information Technology Professional (AITP) as including: The unauthorized use, access, modification and destruction of HW, SW, data or network resources. The unauthorized release of information. The unauthorized copying of SW. Denying end-user access to his own HW, SW, data or network resources. Using or conspiring to use computer or network resource to illegally obtain information.

4 COMPUTER CRIME

5 Hacking obsessive use of computers or the unauthorized access and use of networked computer systems. Hackers frequently assault the Internet or other network to steal data and programs or modify the contents of files and web pages.

6 Hacking Denial of service - hammering website's equipment with too many requests for information. Scans -probing the Internet to determine types of computer, services and connections. Sniffer - covert individual packet of data as they pass through the Internet. Spoofing - faking address or web page to trick users to pass critical information. Trojan horse - unknown program to users that contain instructions exploiting SW. Back doors - hidden ways to make re-entry easy and difficult to detect. Malicious applets - tiny programs (sometimes in Java) that misuses computer resources, modify files and steal password. War dialling - automatically dial thousands of telephone number in search modem connection. Logic bombs - instructions in a computer program that triggers a malicious act. Buffer overflow- crashing or gaining control of a computer by sending too much buffer to the memory. Password crackers - S W that can guess passwords. Social engineering - gaining access by talking to employee to reveal password. Dumpster diving - sifting through company's garbage to obtain information.

7 Cyber theft Involves the theft of money with unauthorized network entry and fraudulent alteration of computer databases. For example, hackers use the Internet to electronically break into bank systems and transfer funds to their bank account.

8 Unauthorized use of computer systems and networks The unauthorized use of computer systems and networks can be called time and resource theft. This includes using company-owned computer by employees for personal finances and playing games.

9 SW piracy It is the unauthorized copying of S W which is illegal because SW is intellectual property that is protected by copyright law and user licensing agreement. Piracy of intellectual property does not only apply to SW. Other forms of copyrighted materials such as music, books, videos and images are also vulnerable to piracy.

10 Computer viruses Virus technically is a program code that cannot work without being inserted into another program Worm is a distinct program that can run unaided. Computer viruses typically enter a computer system through and file attachments. Use of antivirus programs can help diagnose and remove computer viruses from infected files on hard disk.

11 PRIVACY ISSUES Computer matching: matching of personal profiles of individuals and selling of information accessed from TPS database to brokers. Spamming: the indiscriminate sending of unsolicited messages (spam) to many Internet users. It has also been used by hackers to disseminate viruses. Flaming: practice of sending extremely critical, derogatory and often impolite messages (flame ) or newsgroup postings to Internet and online users.

12 OTHER CHALLENGES Employment challenges Health issues Cumulative trauma disorder (CTD) caused by repetitive keystroke jobs that weakens their fingers, wrist, arms, necks and back and carpal tunnel syndrome which is a painful, crippling ailment of the hand and wrist that require surgeries to cure. Ergonomics provides solution to some of these health problems.

13 YOU AND ETHICAL RESPONSIBILITY Four basic ethical philosophies are: Egoism - what is best given for a given individual is right. Natural law - human should promote their own health and life, propagate, pursue knowledge of the world and God, pursue close relationships with others and submit to legitimate authority. Utilitarianism - those actions are right that produce the greatest good for the greatest number of people. Respect for persons - people should be treated as an end and not as a means to an end; actions are right if everyone adopts the moral rule presupposed by the action.

14 E-BUSINESS SECURITY Like any other vital assets of organizations, the IS HW, SW, networks, and data resources need to be protected by security measures to ensure their quality and beneficial use.

15 SECURITY MANAGEMENT Security management is the accuracy, integrity and safety of all e-business processes and resources. Its effectiveness can minimize error, frauds, and losses in e-business. Integration of various tools and methods must be acquired to protect company's e-business.

16 ENCRYPTION Using special mathematical algorithms or keys to transform digital data into a scrambled code before they are transmitted and decode the data when they are received. could be scrambled and encoded using public key that is known to the sender and unscrambled using private key that is only known by the recipient.

17

18 FIREWALLS Combination of HW and SW that control the security of a network. It can be a communication processor such as routers or servers with firewalls SW. Purpose: to protect a company's intranets and other network from intrusion by providing a filter and safe transfer points. Screens all network traffic for proper passwords or security codes and only allows authorized transmission in and out of the network. Denial of services is normally performed by criminal hackers via the Internet. These types of attacks depend on the three layers of networked computer systems; victim's websites, victim's ISP and "zombie" sites of cyber criminals.

19 MONITORING To scan troublesome words in that may be harmful to organizations.

20 OTHER SECURITY MEASURES Security codes: assigning of password Backup file: make duplicate copies of files and data Security monitor: implementation of SW to control and monitor computer systems and network Biometric security: devices that measure physical traits that make each individual unique, Computer failure controls: controls against power failure, electronic circuitry malfunctions, network problems and hidden programming errors. Fault tolerant system: redundant processors, peripherals and SW that provide fail-over capacity to back up components in the event of system failure. Disaster recovery: procedures that formalize the steps to be taken in the event of natural disaster.

21 E-BUS SYSTEM CONTROLS AND AUDITS

22 AUDIT A form of IS control to test the integrity of applications. Can be defined as the presence of documentation that allows transactions to be traced through all stages of information processing. While the audit trails of manual systems are easy to trace, the e-business have changed the form of audit trails. Auditors are required to search electronically through disk and tape files of past activity to follow the audit trail of e-business systems.

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1 Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005 Chapter 12 1 IT Ethics, Impacts, and Security Chapter 12 2 Chapter Outline Ethical Issues Impact

More information

God is in the Small Stuff and it all matters. .In the Small Stuff. Security and Ethical Challenges. Introduction to Information Systems Chapter 11

God is in the Small Stuff and it all matters. .In the Small Stuff. Security and Ethical Challenges. Introduction to Information Systems Chapter 11 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise 1 Eleventh Edition 2 Chapter Objectives C h a p t e r 11 Eleventh Edition James A. O Brien Identify several ethical

More information

Discovering Computers Living in a Digital World

Discovering Computers Living in a Digital World Discovering Computers 2010 Living in a Digital World Objectives Overview Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators Describe various types of Internet

More information

Chapter 6 Network and Internet Security and Privacy

Chapter 6 Network and Internet Security and Privacy Chapter 6 Network and Internet Security and Privacy Learning Objectives LO6.1: Explain network and Internet security concerns LO6.2: Identify online threats LO6.3: Describe cyberstalking and other personal

More information

Introduction to Computing

Introduction to Computing Introduction to Computing Engr. Abdul-Rahman Mahmood MS, PMP, MCP, QMR(ISO9001:2000) armahmood786@yahoo.com alphasecure@gmail.com alphapeeler.sf.net/pubkeys/pkey.htm http://alphapeeler.sourceforge.net

More information

IS Today: Managing in a Digital World 9/17/12

IS Today: Managing in a Digital World 9/17/12 IS Today: Managing in a Digital World Chapter 10 Securing Information Systems Worldwide losses due to software piracy in 2005 exceeded $34 billion. Business Software Alliance, 2006 Accessories for war

More information

CHAPTER 8 SECURING INFORMATION SYSTEMS

CHAPTER 8 SECURING INFORMATION SYSTEMS CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is

More information

II.C.4. Policy: Southeastern Technical College Computer Use

II.C.4. Policy: Southeastern Technical College Computer Use II.C.4. Policy: Southeastern Technical College Computer Use 1.0 Overview Due to the technological revolution in the workplace, businesses such as Southeastern Technical College (STC) have turned to computer

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value

More information

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks Overview Handling Security Incidents Chapter 7 Lecturer: Pei-yih Ting Attacks Security Incidents Handling Security Incidents Incident management Methods and Tools Maintaining Incident Preparedness Standard

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 Copyright 2011 Pearson Education, Inc. STUDENT LEARNING OBJECTIVES Why are information systems vulnerable to destruction, error, and abuse? What is the business

More information

Ethics and Information Security. 10 주차 - 경영정보론 Spring 2014

Ethics and Information Security. 10 주차 - 경영정보론 Spring 2014 Ethics and Information Security 10 주차 - 경영정보론 Spring 2014 Ethical issue in using ICT? Learning Outcomes E-policies in an organization relationships and differences between hackers and viruses relationship

More information

SECURING INFORMATION SYSTEMS

SECURING INFORMATION SYSTEMS SECURING INFORMATION SYSTEMS (November 7, 2016) BUS3500 - Abdou Illia - Fall 2016 1 LEARNING GOALS Understand security attacks preps Discuss the major threats to information systems. Discuss protection

More information

e-commerce Study Guide Test 2. Security Chapter 10

e-commerce Study Guide Test 2. Security Chapter 10 e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy. August 2016 1. Overview Kalamazoo College provides and maintains information technology resources to support its academic programs and administrative operations. This Acceptable

More information

Cyber Security Practice Questions. Varying Difficulty

Cyber Security Practice Questions. Varying Difficulty Cyber Security Practice Questions Varying Difficulty 1 : This is a class of programs that searches your hard drive and floppy disks for any known or potential viruses. A. intrusion detection B. security

More information

19.1. Security must consider external environment of the system, and protect it from:

19.1. Security must consider external environment of the system, and protect it from: Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT 19.1 The Security Problem Security must consider external

More information

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model Abhijit Vitthal Sathe Modern Institute of Business Management, Shivajinagar, Pune 411 005 abhijit_sathe@hotmail.com

More information

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an

More information

Securing Information Systems

Securing Information Systems Introduction to Information Management IIM, NCKU System Vulnerability and Abuse (1/6) Securing Information Systems Based on Chapter 8 of Laudon and Laudon (2010). Management Information Systems: Managing

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Purpose The purpose of this policy is to outline the acceptable use of computer equipment at Robotech CAD Solutions. These rules are in place to protect the employee and Robotech

More information

Security and Authentication

Security and Authentication Security and Authentication Authentication and Security A major problem with computer communication Trust Who is sending you those bits What they allow to do in your system 2 Authentication In distributed

More information

UNIQUE IAS ACADEMY-COMPUTER QUIZ-15

UNIQUE IAS ACADEMY-COMPUTER QUIZ-15 1. Which menu should you access if you need to edit header or footer of a document: a) Insert b) Edit c) View 2. Watermark is available on: a) Insert b) Page Layout c) Format 3. Background color or picture

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Overview ONS IT s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to ONS established culture of openness, trust and integrity.

More information

Accounting Information Systems

Accounting Information Systems Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how

More information

A Review Paper on Network Security Attacks and Defences

A Review Paper on Network Security Attacks and Defences EUROPEAN ACADEMIC RESEARCH Vol. IV, Issue 12/ March 2017 ISSN 2286-4822 www.euacademic.org Impact Factor: 3.4546 (UIF) DRJI Value: 5.9 (B+) A Review Paper on Network Security Attacks and ALLYSA ASHLEY

More information

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable? Introduction Controlling Information Systems When computer systems fail to work as required, firms that depend heavily on them experience a serious loss of business function. M7011 Peter Lo 2005 1 M7011

More information

Technology in Action

Technology in Action Technology in Action Chapter 7 Networking and Security: Connecting Computers and Keeping Them Safe from Hackers and Viruses 1 Peer-to-Peer Networks Nodes communicate with each other Peers Share peripheral

More information

Chapter 4 Network and Internet Security

Chapter 4 Network and Internet Security Understanding Computers in a Changing Society, 3 rd Edition Chapter 4 Network and Internet Security Learning Objectives Explain why computer users should be concerned about network and Internet security.

More information

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope Jacksonville State University Acceptable Use Policy 1. Overview Information Technology s (IT) intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Jacksonville

More information

Lesson-1 Computer Security

Lesson-1 Computer Security Threats to computer Security: What do they mean by a threat? Lesson-1 Computer Security A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy 1. Overview The Information Technology (IT) department s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Quincy College s established

More information

Guide to Network Security First Edition. Chapter One Introduction to Information Security

Guide to Network Security First Edition. Chapter One Introduction to Information Security Guide to Network Security First Edition Chapter One Introduction to Information Security About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter

More information

INTERNAL ASSESSMENT TEST 3 Answer Keys

INTERNAL ASSESSMENT TEST 3 Answer Keys INTERNAL ASSESSMENT TEST 3 Answer Keys Subject & Code: Information Sytems-10IS72 Name of the faculty: Mrs. Aisha Begam Q. No Questions Marks 1 a) Explain the ethical responsibilities of business professionals.

More information

Securing Information Systems

Securing Information Systems Chapter 8 Securing Information Systems 8.1 2010 by Pearson LEARNING OBJECTIVES Explain why information systems are vulnerable to destruction, error, and abuse. Assess the business value of security and

More information

State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy

State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy Public School Facilities Authority, IT Acceptable Use Policy 1 State of NM Public School Facilities

More information

Security, Privacy and Authentication. Michael Power Gowling Lafleur Henderson LLP

Security, Privacy and Authentication. Michael Power Gowling Lafleur Henderson LLP Security, Privacy and Authentication Michael Power owling Lafleur Henderson LLP Why Security Autonomous Agents, Back Doors, Backup Theft, Call Forwarding Fakery, Condition Bombs, Covert Channels, Cracking,

More information

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al. E-Commerce Security 2008 Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al. Learning Objectives 1. Explain EC-related crimes and why they cannot be stopped. 2. Describe an EC security

More information

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Data Communication. Chapter # 5: Networking Threats. By: William Stalling Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Effective: September 2, 2016 Purpose Montreat College is committed to protecting its employees, partners, and itself from illegal or damaging actions by individuals, either knowingly

More information

Cleveland State University General Policy for University Information and Technology Resources

Cleveland State University General Policy for University Information and Technology Resources Cleveland State University General Policy for University Information and Technology Resources 08/13/2007 1 Introduction As an institution of higher learning, Cleveland State University both uses information

More information

Module 20: Security. The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption. Operating System Concepts 20.

Module 20: Security. The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption. Operating System Concepts 20. Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption 20.1 The Security Problem Security must consider external environment of the system,

More information

Security+ Practice Questions Exam Cram 2 (Exam SYO-101) Copyright 2004 by Que Publishing. International Standard Book Number:

Security+ Practice Questions Exam Cram 2 (Exam SYO-101) Copyright 2004 by Que Publishing. International Standard Book Number: Security+ Practice Questions Exam Cram 2 (Exam SYO-101) Copyright 2004 by Que Publishing International Standard Book Number: 0789731517 Warning and Disclaimer Every effort has been made to make this book

More information

MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.

MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. CS Chapter 7 Study Guide _ MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 1) Throughput, the actual speed of data transfer that is achieved in a

More information

Computer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak

Computer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak Computer Security Assoc. Prof. Pannipa Phaiboonnimit 1 Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak Classification of Threats Computer Attack Intend to damage files, computers

More information

Principles of Information Security, Fourth Edition. Chapter 2 The Need for Security

Principles of Information Security, Fourth Edition. Chapter 2 The Need for Security Principles of Information Security, Fourth Edition Chapter 2 The Need for Security Learning Objectives Upon completion of this material, you should be able to: Demonstrate that organizations have a business

More information

2. INTRUDER DETECTION SYSTEMS

2. INTRUDER DETECTION SYSTEMS 1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding

More information

Cybercrime Criminal Law Definitions and Concepts

Cybercrime Criminal Law Definitions and Concepts Cybercrime Criminal Law Definitions and Concepts How to Criminalize Attacks on Computer Networks and Information Computer Crime and Intellectual Property Section U.S. Department of Justice 1 Overview Introduction

More information

The Security Problem

The Security Problem CSC 4103 - Operating Systems Spring 2007 Lecture - XX Protection and Security Tevfik Koşar Louisiana State University April 12 th, 2007 1 The Security Problem Security must consider external environment

More information

GCIH. GIAC Certified Incident Handler.

GCIH. GIAC Certified Incident Handler. GIAC GCIH GIAC Certified Incident Handler TYPE: DEMO http://www.examskey.com/gcih.html Examskey GIAC GCIH exam demo product is here for you to test the quality of the product. This GIAC GCIH demo also

More information

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management CompTIA Security+ Lecture Six Threats and Vulnerabilities Vulnerability Management Copyright 2011 - VTC Malware Malicious code refers to software threats to network and systems, including viruses, Trojan

More information

Chapter 4. Network Security. Part I

Chapter 4. Network Security. Part I Chapter 4 Network Security Part I CCNA4-1 Chapter 4-1 Introducing Network Security Introduction to Network Security CCNA4-2 Chapter 4-1 Introducing Network Security Why is Network Security important? Rapid

More information

Ethical Hacking and Countermeasures: Attack Phases, Second Edition. Chapter 1 Introduction to Ethical Hacking

Ethical Hacking and Countermeasures: Attack Phases, Second Edition. Chapter 1 Introduction to Ethical Hacking Ethical Hacking and Countermeasures: Attack Phases, Second Edition Chapter 1 Introduction to Ethical Hacking Objectives After completing this chapter, you should be able to: Understand the importance of

More information

Information Technology Enhancing Productivity and Securing Against Cyber Attacks

Information Technology Enhancing Productivity and Securing Against Cyber Attacks Information Technology Enhancing Productivity and Securing Against Cyber Attacks AGENDA Brief Overview of PortMiami Enhancing Productivity Using Technology Technology Being Using at the Port Cyber Attacks

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

A policy that the user agrees to follow before being allowed to access a network.

A policy that the user agrees to follow before being allowed to access a network. Part IV: Appendixes Appendix A. Glossary THESE DEFINITIONS WILL GIVE YOU A BASIC understanding of the terms used throughout this book. As with many technical definitions, more information may be required

More information

Chapter 1 B: Exploring the Network

Chapter 1 B: Exploring the Network Chapter 1 B: Exploring the Network Types of Networks The two most common types of network infrastructures are: Local Area Network (LAN) Wide Area Network (WAN). Other types of networks include: Metropolitan

More information

Online Security and Safety Protect Your Computer - and Yourself!

Online Security and Safety Protect Your Computer - and Yourself! Online Security and Safety Protect Your Computer - and Yourself! www.scscu.com Fraud comes in many shapes and sizes, but the outcome is simple: the loss of both money and time. That s why protecting your

More information

Information Technology Cyber Security Policy. Convergint Technologies, LLC

Information Technology Cyber Security Policy. Convergint Technologies, LLC Information Technology Cyber Security Policy Convergint Technologies, LLC September 2015 Convergint Technologies, LLC POLICY MANUAL Subject: CYBER SECURITY POLICY Approved: Tom Schmitt Effective Date:

More information

Cyber Criminal Methods & Prevention Techniques. By

Cyber Criminal Methods & Prevention Techniques. By Cyber Criminal Methods & Prevention Techniques By Larry.Boettger@Berbee.com Meeting Agenda Trends Attacker Motives and Methods Areas of Concern Typical Assessment Findings ISO-17799 & NIST Typical Remediation

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define

More information

Mobile MOUSe HACKING REVEALED ONLINE COURSE OUTLINE

Mobile MOUSe HACKING REVEALED ONLINE COURSE OUTLINE Mobile MOUSe HACKING REVEALED ONLINE COURSE OUTLINE COURSE TITLE HACKING REVEALED COURSE DURATION 20 Hour(s) of Self-Paced Interactive Training COURSE OVERVIEW The Hacking Revealed course teaches individuals

More information

Recognizing Fraud Staying Safe 2018 Information/Cyber Security Training

Recognizing Fraud Staying Safe 2018 Information/Cyber Security Training Recognizing Fraud Staying Safe 2018 Information/Cyber Security Training Copyright Sage Data Security 2017-2018 All Rights Reserved Presented by: John H Rogers, CISSP Director of Advisory Services john.rogers@sagedatasecurity.com

More information

Chapter 9 Security and Privacy

Chapter 9 Security and Privacy Chapter 9 Security and Privacy permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Overview This chapter covers: Security

More information

CHAPTER 3. Information Systems: Ethics, Privacy, and Security

CHAPTER 3. Information Systems: Ethics, Privacy, and Security CHAPTER 3 Information Systems: Ethics, Privacy, and Security CHAPTER OUTLINE 3.1 Ethical Issues 3.2 Threats to Information Security 3.3 Protecting Information Resources LEARNING OBJECTIVES n Describe the

More information

Personal Cybersecurity

Personal Cybersecurity Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions

More information

CTS2134 Introduction to Networking. Module 08: Network Security

CTS2134 Introduction to Networking. Module 08: Network Security CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting

More information

Chapter 12. Information Security Management

Chapter 12. Information Security Management Chapter 12 Information Security Management We Have to Design It for Privacy... and Security. Tension between Maggie and Ajit regarding terminology to use with Dr. Flores. Overly technical communication

More information

5. Execute the attack and obtain unauthorized access to the system.

5. Execute the attack and obtain unauthorized access to the system. Describe how a combination of preventive, detective, and corrective controls can be employed to provide reasonable assurance about information security. Before discussing the preventive, detective, and

More information

MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations

MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations 98-367 MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations Which are common symptoms of a virus infection? (Lesson 5 p 135-136) Poor system performance. Unusually low

More information

Define information security Define security as process, not point product.

Define information security Define security as process, not point product. CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is

More information

Network Fundamentals. Chapter 7: Networking and Security 4. Network Fundamentals. Network Architecture

Network Fundamentals. Chapter 7: Networking and Security 4. Network Fundamentals. Network Architecture Network Fundamentals Chapter 7: Networking and Security CS10001 Computer Literacy Network Two or more computers connected by hardware or software so that they can communicate with each other Nodes Devices

More information

Retail/Consumer Client Internet Banking Awareness and Education Program

Retail/Consumer Client Internet Banking Awareness and Education Program Retail/Consumer Client Internet Banking Table of Contents Securing Your Environment... 3 Unsolicited Client Contact... 3 Protecting Your Identity... 3 1) E-mail Risk... 3 2) Internet Risks... 4 3) Telephone

More information

IT ACCEPTABLE USE POLICY

IT ACCEPTABLE USE POLICY CIO Signature Approval & Date: IT ACCEPTABLE USE POLICY 1.0 PURPOSE The purpose of this policy is to define the acceptable and appropriate use of ModusLink s computing resources. This policy exists to

More information

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each. Name Date Chapter 10: Security After completion of this chapter, students should be able to: Explain why security is important and describe security threats. Explain social engineering, data wiping, hard

More information

Horry County IT /GIS Policy Acce table Use Com uter S stems

Horry County IT /GIS Policy Acce table Use Com uter S stems HORRY COUNTY IT/GIS DEPARTMENT 1301 Second Avenue Conway, South Carolina 29526 www.horrycounty.org Post Office Box 296 Conway, South Carolina 29528-0296 Phone: (843) 915-5240 Fax: (843) 915-6240 Horry

More information

Corporate Policy. Revision Change Date Originator Description Rev Erick Edstrom Initial

Corporate Policy. Revision Change Date Originator Description Rev Erick Edstrom Initial Corporate Policy Information Systems Acceptable Use Document No: ISY-090-10 Effective Date: 2014-06-10 Page 1 of 5 Rev. No: 0 Issuing Policy: Information Systems Department Policy Originator: Erick Edstrom

More information

Large-Scale Internet Crimes Global Reach, Vast Numbers, and Anonymity

Large-Scale Internet Crimes Global Reach, Vast Numbers, and Anonymity Computer Crime and Intellectual Property Section Large-Scale Internet Crimes Global Reach, Vast Numbers, and Anonymity Anthony V. Teelucksingh Computer Crime and Intellectual Property Section (CCIPS) Criminal

More information

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of

More information

Introduction to Information Security Dr. Rick Jerz

Introduction to Information Security Dr. Rick Jerz Introduction to Information Security Dr. Rick Jerz 1 Goals Explain the various types of threats to the security of information Discuss the different categorizations of security technologies and solutions

More information

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center OVERALL RESULTS E-Crime Watch Survey: 2005 Field Dates: 3/3/05 3/14/05 Total completed surveys: 819 Margin of Error: +/- 3.4% NOTE TO EDITOR For the purpose of this survey, electronic crime, intrusion,

More information

Technology in Action 12/11/2014. Cybercrime and Identity Theft (cont.) Cybercrime and Identity Theft (cont.) Chapter Topics

Technology in Action 12/11/2014. Cybercrime and Identity Theft (cont.) Cybercrime and Identity Theft (cont.) Chapter Topics Technology in Action Alan Evans Kendall Martin Mary Anne Poatsy Eleventh Edition Technology in Action Chapter 9 Securing Your System: Protecting Your Digital Data and Devices Copyright 2015 Pearson Education,

More information

Training UNIFIED SECURITY. Signature based packet analysis

Training UNIFIED SECURITY. Signature based packet analysis Training UNIFIED SECURITY Signature based packet analysis At the core of its scanning technology, Kerio Control integrates a packet analyzer based on Snort. Snort is an open source IDS/IPS system that

More information

Online Threats. This include human using them!

Online Threats.   This include human using them! Online Threats There are many dangers from using the web (and computer in general). One should watch out for malware, automated programs designed to cause harm to you, your data, and your system. You are

More information

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: Intruders significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: masquerader misfeasor clandestine user varying levels of competence

More information

2. Firewall Management Tools used to monitor and control the Firewall Environment.

2. Firewall Management Tools used to monitor and control the Firewall Environment. Firewall Review Section 1 FIREWALL MANAGEMENT & ADMINISTRATION Common management practices with regard to administering the (company) network should be in accordance with company policies and standards.

More information

Cyber fraud and its impact on the NHS: How organisations can manage the risk

Cyber fraud and its impact on the NHS: How organisations can manage the risk Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,

More information

Management Information Systems. B15. Managing Information Resources and IT Security

Management Information Systems. B15. Managing Information Resources and IT Security Management Information Systems Management Information Systems B15. Managing Information Resources and IT Security Code: 166137-01+02 Course: Management Information Systems Period: Spring 2013 Professor:

More information

Smeal College of Business - Central Firewall Rules and Policies

Smeal College of Business - Central Firewall Rules and Policies Smeal College of Business - Central Firewall Rules and Policies 1.0 Purpose The purpose of this policy is to outline the College s use and management of centralized firewall services. This policy will

More information

Home Computer and Internet User Security

Home Computer and Internet User Security Home Computer and Internet User Security Lawrence R. Rogers Version 1.0.4 CERT Training and Education Networked Systems Survivability Software Engineering Institute Carnegie Mellon University Pittsburgh,

More information

The Tension. Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes

The Tension. Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes s10 Security 1 The Tension Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes Security vs. desire of individuals to act anonymously

More information

How To Remove Personal Antivirus Security Pro Virus Manually

How To Remove Personal Antivirus Security Pro Virus Manually How To Remove Personal Antivirus Security Pro Virus Manually Uninstall Antivirus Pro 2017 Virus (Manual Removal Guide) This type of virus uses false scan results and fake security alerts to scare computer

More information

Security Policies and Procedures Principles and Practices

Security Policies and Procedures Principles and Practices Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability

More information

Overview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter

Overview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter Computer Network Lab 2017 Fachgebiet Technische Informatik, Joachim Zumbrägel Overview Security Type of attacks Firewalls Protocols Packet filter 1 Security Security means, protect information (during

More information

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker NH9000 Certified Ethical Hacker 104 Total Hours COURSE TITLE: Certified Ethical Hacker COURSE OVERVIEW: This class will immerse the student into an interactive environment where they will be shown how

More information

Introduction to Security. Computer Networks Term A15

Introduction to Security. Computer Networks Term A15 Introduction to Security Computer Networks Term A15 Intro to Security Outline Network Security Malware Spyware, viruses, worms and trojan horses, botnets Denial of Service and Distributed DOS Attacks Packet

More information

Language-Based Protection

Language-Based Protection Language-Based Protection Specification of protection in a programming language allows the high-level description of policies for the allocation and use of resources. Language implementation can provide

More information

GNS 312: DIGITAL SKILL ACQUISITION MODULE 6: COMPUTER SECURITY AND PRIVACY

GNS 312: DIGITAL SKILL ACQUISITION MODULE 6: COMPUTER SECURITY AND PRIVACY GNS 312: DIGITAL SKILL ACQUISITION MODULE 6: COMPUTER SECURITY AND PRIVACY By Dr. R. G. JIMOH, DR.(MRS) O. C. ABIKOYE, MR. A. O. BALOGUN OUTLINE CONCEPTS AND TERMINOLOGIES OF COMPUTER SECURITY CIA Triad

More information

Effective security is a team effort involving the participation and support of everyone who handles Company information and information systems.

Effective security is a team effort involving the participation and support of everyone who handles Company information and information systems. BACKED BY REFERENCE GUIDE Acceptable Use Policy GENERAL GUIDANCE NOTE: This sample policy is not legal advice or a substitute for consultation with qualified legal counsel. Laws vary from country to country.

More information

Introduction to Penetration Testing: Part One. Eugene Davis UAH Information Security Club February 21, 2013

Introduction to Penetration Testing: Part One. Eugene Davis UAH Information Security Club February 21, 2013 Introduction to Penetration Testing: Part One Eugene Davis UAH Information Security Club February 21, 2013 Ethical Considerations: Pen Testing Ethics of penetration testing center on integrity (ISC)² Code

More information