Principles of Information Systems (MindTap Course List)
13th Edition
ISBN: 9781305971776
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 13, Problem 2CE
Program Plan Intro
Security policy:
- A security policy defines an organization’s security requirements.
- It provides controls and consents needed for meeting requirements.
- A security policy is a well written document in an organization giving the guidelines to how to protect the organization from threats.
- It includes
computer security threats, and how to handle situations when they do occur. - A good security policy must identify all of a company's assets as well as all the potential threats to those assets.
- The employees of the company need to be kept updated on the company's security policies.
- The policies themselves should also be updated regularly.
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Nearly a decade has passed since the
National Academy of Engineers declared
Cyber Security a "grand challenge for the
next century." Every day there is news on
ways in which cyber security challenges
and responses are complicating every
aspect of our lives. Can the challenge be
solved?
As a first step to solving any problem, one
must understand its nature. So, it is
important for all cyber security analysts to
keep on top of news stories in the field. In
this discussion forum we will do just that
with the hope that everyone will make it a
daily habit throughout their career.
Today, some cyber news has been flooded
out of the headlines by Hurricane Harvey,
but as noted in this article, cyber concerns
are front and center as students return to
school.
If you're a network security administrator, one of your responsibilities is to identify and defend your organization's network from malicious malware that spreads on its own. We'll go through numerous strategies for achieving this with you. Describe, in your own words, a workable automated approach for protecting your network.
Question#1 – One of the most sophisticated attacks on record was carried out by a virus known as
Stuxnet. Stuxnet first appeared in 2009 but became widely known in 2011 when it was revealed
that it had apparently severely damaged or incapacitated the high-speed centrifuges involved in
Iran’s uranium enrichment program. Read about Stuxnet and see what strategy/tactics you can
devise based on software quality attributes against it
Chapter 13 Solutions
Principles of Information Systems (MindTap Course List)
Ch. 13.1 - Prob. 1RQCh. 13.1 - Prob. 2RQCh. 13.1 - Prob. 1CTQCh. 13.1 - Prob. 2CTQCh. 13.2 - Prob. 1RQCh. 13.2 - Prob. 2RQCh. 13.2 - Prob. 1CTQCh. 13.2 - Prob. 2CTQCh. 13 - Prob. 1SATCh. 13 - Prob. 2SAT
Ch. 13 - Prob. 3SATCh. 13 - Prob. 4SATCh. 13 - Prob. 5SATCh. 13 - Prob. 6SATCh. 13 - Prob. 7SATCh. 13 - Prob. 8SATCh. 13 - Prob. 9SATCh. 13 - Prob. 10SATCh. 13 - Prob. 11SATCh. 13 - Prob. 12SATCh. 13 - Prob. 13SATCh. 13 - Prob. 14SATCh. 13 - Prob. 1RQCh. 13 - Prob. 2RQCh. 13 - Prob. 3RQCh. 13 - Prob. 4RQCh. 13 - Prob. 5RQCh. 13 - Prob. 6RQCh. 13 - Prob. 7RQCh. 13 - Prob. 8RQCh. 13 - Prob. 9RQCh. 13 - Prob. 10RQCh. 13 - Prob. 11RQCh. 13 - Prob. 12RQCh. 13 - Prob. 13RQCh. 13 - Prob. 14RQCh. 13 - Prob. 15RQCh. 13 - Prob. 16RQCh. 13 - Prob. 1DQCh. 13 - Prob. 2DQCh. 13 - Prob. 3DQCh. 13 - Prob. 4DQCh. 13 - Prob. 5DQCh. 13 - Prob. 6DQCh. 13 - Prob. 7DQCh. 13 - Prob. 1PSECh. 13 - Prob. 2PSECh. 13 - Prob. 1TACh. 13 - Prob. 2TACh. 13 - Prob. 3TACh. 13 - Prob. 1WECh. 13 - Prob. 2WECh. 13 - Prob. 3WECh. 13 - Prob. 1CECh. 13 - Prob. 2CECh. 13 - Prob. 3CECh. 13 - Prob. 1CTQ1Ch. 13 - Prob. 2CTQ1Ch. 13 - Prob. 3CTQ1Ch. 13 - Prob. 1CTQ2Ch. 13 - Prob. 2CTQ2Ch. 13 - Prob. 3CTQ2
Knowledge Booster
Similar questions
- You are asked to do some research, and write a report that answers the following questions about Digital Fingerprinting: You should tackle the following points: What is Digital Fingerprinting and for what purposes is it used? How does the fingerprinting algorithm work? Describe its principle of operation. Certain steps are followed to reach the desired result- either block, delete or authorize usage of content. Some cybersecurity experts say that fingerprinting is abusive and exposes the privacy issues of users. Certain solutions were done by some browsers for blocking browser fingerprinting. Describe the measures taken by any of the browsers as a fingerprint defense mechanism. List two common Fingerprinting Algorithms. Report Writing: You should follow the following guidelines while writing your report: Your report should be between 400 and 500 words in length. Ensure that your report has an appropriate structure and writing style. Your report…arrow_forwardYou have been hired as a cybersecurity consultant for ACME. ACME has millions of customer records as they process payments for the retail industry. ACME's direct competitor, EMCA, has recently lost critical customer information due to a crypto-malware attack. ACME's executives have asked you to come up with a security plan to decrease the risk and potential impact of crypto-malware attacks. Please suggest the most appropriate security strategy (policies, people, products, etc.) to accomplish this task.arrow_forwardExplain the part that firewalls play in keeping your firm secure and what they do specifically. What are the advantages and disadvantages of using firewalls, both hardware and software, and why is it necessary to choose one kind of firewall over another? What sorts of software tools do you employ in order to examine the security of the information technology infrastructure at your organisation? Is there anything you can do that would enable you to circumvent the web filtering system that is present on a website?arrow_forward
- One of the most sophisticated attacks on record was carried out by a virus known as Stuxnet. Stuxnet first appeared in 2009 but became widely known in 2011 when it was revealed that it had apparently severely damaged or incapacitated the high-speed centrifuges involved in Iran’s uranium enrichment program. Read about Stuxnet and see what strategy/tactics you can devise based on software quality attributes against itarrow_forwardImagine you're an IT security analyst for a medium-sized corporation. Despite implementing robust antivirus software across all company devices, several malware incidents have occurred over the past year. Analyze the factors contributing to the ineffectiveness of the antivirus solution. What additional measures or adjustments would you recommend to enhance the cybersecurity posture of the organization?arrow_forwardYour firm has around 200 workers and contractors, and you are in charge of training them all on computer security. What topics would you cover in the fundamental security training session that you would conduct for workers who are not involved in IT? What type of further training on matters pertaining to security would be acceptable for staff after they have a firm grasp on the fundamentals?arrow_forward
- If you could explain what the difference is between a hack and a virus and how a corporation may prevent hackers from accessing its accounts, I'd much appreciate it.arrow_forwardWhat are the many types of security vulnerabilities that your computer might be exposed to? What measures may be taken to mitigate these risks? Discuss the strategies in a concise manner. How can you tell if your computer has been infected by a virus?arrow_forwardI wanted to know what the pros of setting a firewall were.arrow_forward
- Do those who work in IT stress about the moral implications of email encryption?arrow_forwardMost hackers start their careers breaking into computer systems as teenagers. What can we as a community of computer professionals do to reduce the temptation to become a hacker? What is the difference between a white hat hacker and a black hat hacker? Is there such a thing as a gray hat hacker?arrow_forwardHacktivists often use DDoS attacks against organizations that they perceive as being opposed to them. This includes not only government but also journalists, publications, and human rights groups. Google's parent Alphabet has stepped up to help with thwarting DDoS against these groups. Since 2016 Project Shield has thwarted DDoS attacks against hundreds of websites in over 80 countries. These attacks were directed at websites in order to silence important information. Project Shield was offered for free to journalists, small publications, human rights groups, and others. But Google is doing that from its own initiative at a relatively high cost. Should there instead be a tax on computer hardware and/or software that goes towards a fund that is then used for organizations like this to have permanent DDOS mitigation?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Fundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning