Thursday, October 17, 2019

Management information system Essay Example | Topics and Well Written Essays - 2000 words

Management information system - Essay Example Confidentiality ensures that the information is not accessed by any person who is not authorized. Integrity ensures that the data is not modified or altered by unauthorized users and authentication deals with ensuring that the user is actually the person he claims to be. These days computers are used by everyone from banking to shopping and communicating with others. Though there might not be any secret information in your data but one would not want a stranger getting access to his/her information. Intruders often gain control to anyone’s computer so that they can use it for their attacks on other confidential systems. According to (Caldwell 175) computer security has five fundamental functional areas which are listed below: Risk Avoidance This is a basic security fundamental which deals with questions like unrestricted internet access, business engaging in risky activities and standardization on a desktop operating system. Prevention This consists of implementing security to the system in order to avoid any attacks. Complete prevention is desirable but not achievable. Deterrence It deals with the threats to information assets, consisting of communication strategies which are developed and designed to catch the intruders when they attack the system. Detection It works well with preventive measures. When prevention fails, detection should be started in order to minimize the damage. It also includes activities like log-keeping and auditing. Recovery When all measures fail and the intruder has successfully attacked the system and nothing has worked, it is important to focus on recovery. Includes backing up servers, internet connections and other similar recovery activities. Attacking Techniques There have been various techniques used by intruders these days to attack a single computer or a network. Some of them are listed and described briefly below: Viruses A virus is such a program that when it is executed it works within the security policy completely. When a virus is activated, that is when it becomes a part of a process; it makes use of a Trojan horse to look for the authorized environment for executable programs which are modifiable and then attaches itself with all such programs. Hence, when these programs are executed, the virus activates and spreads throughout the executable code of the computer. Viruses can create, modify, move, replicate and erase the files on a computer in order to engage much of the computer’s memory and causes the system not to function properly. Some viruses even have the ability to duplicate themselves and attack to other programs. An infected email attachment is one of the most common and easy ways to get a virus. (Caldwell 212) Trojan Horse A Trojan horse attack can be designed to attain any desired goals by the attacker. Trojan horse attacks are one of the most serious threats to computer security. If a computer has been attacked with a Trojan horse, it may not be the only computer under att ack but unknowingly it is used to attack several other computers. Trojan Horses are usually built and attached to the source code of an original program and is made to remain dormant until an attempt is made to overcome security. For example a Trojan horse may appear in the form of a computer game, which once double clicked, starts writing on parts of your hard drive, corrupting the data. Trap door A trapdoor is normally an entrance to the

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.