Chapter 3 Questions
1. Provide an IT example that relates to the ethical issues for the ideas of privacy, accuracy, property, and accessibility.
-Privacy issues such as collecting, storing and disseminating information about otherds.
-Accuracy issues which involves the authenticity and accuracy of info that is being collated
-Property issues involving ownershhip of information
-Accessibility issues which involoves the of who should have access to certain information and if they need to pay to use it.
2. What are the 5 general types of IT threats? Provide an example for each one
2. What are the 5 general types of IT threats? Provide an example for each one
-Unintentional acts such as human error or carelessness, eg not saving a document in the correct location and getting it lost
-Natural Disasters- Acts of God which are unavoidable such as floods and earthquakes, eg lighting storm blows up powergrid causing a city to lose power.
-Natural Disasters- Acts of God which are unavoidable such as floods and earthquakes, eg lighting storm blows up powergrid causing a city to lose power.
-Technical Failures- Problems with both software and hardware that could lead from corrupt software or malfunctioning hardware eg-crashing computer
-Management failures- Lack of interest in peoples efforts or lack of funding- eg low level and outdate software still being used.
-Deliberate Acts-Committed by insiders of an organisation who deliberakty try to destroy or vandalise a companys software or hardware.
3. Describe/discuss three types of software attack and a problem that may result from them
- Virus-Computer code that performs malicious and hurtful actions to a computer.
- Worm-Again it is computer code that is designed to perform viscious attacks to a computer like a virus but also replicate and spread itself to other computers
- Trogan Horse-Software that hides in computer programs and reveal designed behavour only when activated.-eg spread spam
4. Describe the four major types of security controls in relation to protecting information systems.
Four controls include: - Physical controls which prevent unauthorised individuals from gaining access to a company such as walls and gates.
- Access Contorls restrict unauthorised users from using any information resources in a company involving both authorisation(determines actionsm rights and prigalvages of person) and authentication(determines identity of person)
- Communication controls wuch as firewalls and encryption to secure the movement of data transfer.
- Application controls which are security counter measures that protect specific applications.
5. What is information system auditing?
It is an examination of the controls within an information technology infrastructure of a company.
6. What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce.
Authorisation- determines actions, rights and prigalvages of person and authenticationdetermines identity of person by passwords and thumb scans. - They are important as they help protect our computers and information from others who dont have access to use it.
No comments:
Post a Comment