Page 454 - Using MIS
422 Chapter 10 Information Systems Security
Active Review

Use this Active Review to verify that you understand the ideas and concepts that answer the chapter’s study questions.

Q1 What is the goal of information systems security?

Define threat, vulnerability, safeguard, and target. Give an example of each. List three types of threats and five types of security losses. Give different examples for the three rows of Figure 10-2. Summarize each of the elements in the cells of Figure 10-3. Explain why it is difficult to know the true cost of computer crime. Explain the goal of IS security.

Q2 How big is the computer security problem?

Explain why it is difficult to know the true size of the computer security problem in general and of computer crime in particular. List the takeaways in this question and explain the meaning of each.

Q3 How should you respond to security threats?

Explain each of the elements in Figure 10-7. Define IDS, and explain why the use of an IDS program is sobering, to say the least. Define brute force attack. Summarize the characteristics of a strong password. Explain how your identity and password do more than just open doors on your computer. Define cookie and explain why using a program like CCleaner is a good example of the computer security trade-off.

Q4 How should organizations respond to security threats?

Name and describe two security functions that senior management should address. Summarize the contents of a security policy. Explain what it means to manage risk. Summarize the steps that organizations should take when balancing risk and cost.

Q5 How can technical safeguards protect against security threats?

List five technical safeguards. Define identification and authentication. Describe three types of authentication. Explain how SSL/TLS works. Define firewall, and explain its purpose. Define malware, and name five types of malware. Describe six ways to protect against malware. Summarize why malware is a serious problem. Explain how PRIDE is designed for security.

Q6 How can data safeguards protect against security threats?

Define data administration and database administration, and explain their difference. List data safeguards.

Q7 How can human safeguards protect against security threats?

Summarize human safeguards for each activity in Figure 10-13. Summarize safeguards that pertain to nonemployee personnel. Describe three dimensions of safeguards for account administration. Explain how system procedures can serve as human safeguards. Describe security monitoring techniques.

Q8 How should organizations respond to security incidents?

Summarize the actions that an organization should take when dealing with a security incident.

Q9 2025?

What, in the opinion of the author, is likely to happen regarding cyberwarfare in the next 10 years? Explain how the phrase cat and mouse pertains to the evolution of computer crime. Describe the types of security problems that are likely to occur in the next 10 years. Explain how the focus of computer criminals will likely change in the next 10 years. Explain how this is likely to impact smaller organizations, and you.

Using Your Knowledge with PRIDE

As an employee, investor, or advisor to PRIDE Systems, you can use the knowledge of this chapter to understand the security threats to which any business is subject. You know the need to trade off cost versus risk. You also know three categories of safeguards and the major types of safeguards for each. And, Zev Friedman you know what it means to design for security. You can also help ensure that PRIDE Systems employees and PRIDE users create and use strong passwords.