Tuesday, September 2, 2008

Chapter 3 - Week 5

Chapter 3 Questions

1. Provide an IT example that relates to the ethical issues for the ideas of privacy, accuracy, property, and accessibility.

-Privacy issues such as collecting, storing and disseminating information about otherds.
-Accuracy issues which involves the authenticity and accuracy of info that is being collated
-Property issues involving ownershhip of information
-Accessibility issues which involoves the of who should have access to certain information and if they need to pay to use it.

2. What are the 5 general types of IT threats? Provide an example for each one
-Unintentional acts such as human error or carelessness, eg not saving a document in the correct location and getting it lost

-Natural Disasters- Acts of God which are unavoidable such as floods and earthquakes, eg lighting storm blows up powergrid causing a city to lose power.
-Technical Failures- Problems with both software and hardware that could lead from corrupt software or malfunctioning hardware eg-crashing computer
-Management failures- Lack of interest in peoples efforts or lack of funding- eg low level and outdate software still being used.
-Deliberate Acts-Committed by insiders of an organisation who deliberakty try to destroy or vandalise a companys software or hardware.

3. Describe/discuss three types of software attack and a problem that may result from them
  • Virus-Computer code that performs malicious and hurtful actions to a computer.
  • Worm-Again it is computer code that is designed to perform viscious attacks to a computer like a virus but also replicate and spread itself to other computers
  • Trogan Horse-Software that hides in computer programs and reveal designed behavour only when activated.-eg spread spam

    4. Describe the four major types of security controls in relation to protecting information systems.

    Four controls include:
  • Physical controls which prevent unauthorised individuals from gaining access to a company such as walls and gates.
  • Access Contorls restrict unauthorised users from using any information resources in a company involving both authorisation(determines actionsm rights and prigalvages of person) and authentication(determines identity of person)
  • Communication controls wuch as firewalls and encryption to secure the movement of data transfer.
  • Application controls which are security counter measures that protect specific applications.

    5. What is information system auditing?

    It is an examination of the controls within an information technology infrastructure of a company.

    6. What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce.

    Authorisation- determines actions, rights and prigalvages of person and authenticationdetermines identity of person by passwords and thumb scans.
  • They are important as they help protect our computers and information from others who dont have access to use it.

No comments: