Information Security Essay

1620 words - 7 pages

1. Why is information security a management problem? What can management do that technology cannot?
Management is responsible for implementing information security to protect the ability of the organization to function. They must set policy and operate the organization in a manner that complies with the laws that govern the use of technology. Technology alone cannot solve information security issues. Management must make policy choices and enforce those policies to protect the value of the organization’s data.

2. Why is data the most important asset an organization possesses? What other assets in the organization require protection?
Data is important to an organization because ...

For example, if a hacker gains unauthorized access to a celebrity’s computer and discovers embarrassing photos or videos of the star, he could then blackmail the star into giving him money in exchange for keeping the photos quiet. This causes not only a monetary loss for the celebrity, but also a loss of privacy and security.

6. Why do employees constitute one of the greatest threats to information security?
Employees constitute one of the greatest threats to information security because employee mistakes can lead to the revelation of classified data, entry of erroneous data, accidental deletion or modification of data, storage of data in unprotected areas, or failure to follow procedures to protect data.

7. What measures can individuals take to protect against shoulder surfing?
Individuals can protect themselves against shoulder surfing by not accessing personal or private information when another person is present and can see what is being entered.

8. How has the perception of the hacker changed over recent years? What is the profile of a hacker today?
The perception of a hacker has evolved from being a male, age 13-18, with limited parental supervision who spends all his free time at the computer to the current profile of being male or female, aged 12-60, with varying technical skill who could be internal or external to an organization.

9. What is the difference between a skilled hacker and an unskilled hacker (other than skill levels)? How does the protection against each differ?
An expert hacker is one who develops software scripts and code to exploit unknown vulnerabilities. An expert hacker is a master of several programming languages, networking protocols, and operating systems. An unskilled hacker is one who uses scripts and code developed by skilled hackers. Unskilled hackers rarely create or write their own hacks, and are unskilled in programming languages, networking protocols, and operating systems. Protecting against expert hackers is difficult because they use newly developed attack code not yet detectable by anti-virus programs. Protecting against unskilled hackers is easier because they use hacking code that is publicly available and can be thwarted by simply staying up-to-date on the latest software patches and being aware of the latest tools being published by expert hackers.

10. What are the various types of malware? How do worms differ from viruses? Do Trojan horses carry viruses or worms?
The various types of malware include viruses, worms, Trojan horses, logic bombs, and back doors. Worms differ from viruses in that they do not require a program environment to replicate themselves. Trojan horses can disguise viruses and/or worms as a non-threatening piece of software to get them into a computer network.

11. Why does polymorphism cause greater concern than traditional malware? How does it affect detection?
Polymorphism causes greater concern than traditional malware because the...
