Software Engineering (10th Edition)
10th Edition
ISBN: 9780133943030
Author: Ian Sommerville
Publisher: PEARSON
Expert Solution & Answer
Chapter 14, Problem 14.8E
Explanation of Solution
Recognition, resistance and recovery strategies:
If a user tries to move prices from one trading system to another through unauthorized access, the recognition, resistance and recovery strategies come into force to prevent it.
- With the recognition strategy, the operators of the system identify the unauthorized price movement, which leads to system failure. The system then sends text messages to all users, informing them that an unauthorized person is changing the prices.
- With the resistance strategy, the focus is on the critical parts of the system, as it identifies the possibility of a cyber-attack on any trading system. Because financial trading plays a vital role, it is the focus of this strategy.
- With the recovery strategy, the critical services of the system can be restored when a system failure occurs. With this, the important trading information can be restored easily...
Students have asked these similar questions
Do you believe that unauthorised individuals were responsible for the most recent security breach that included access control and authentication and was reported in the news? Is there any indication that it has had any kind of an impact on the way that day-to-day activities are carried out? How much cash has been squandered by the company?
a. Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified. Of course, we cannot expect that there will be a crisp, exact distinction between an attack by an intruder and the normal use of resources by an authorized user. This poses a challenge to the use of IDS. Briefly discuss the challenges and propose a cure.
b. Blockchain is a breakthrough technology that is expected to alter most industries in the coming years, and it is particularly touted because of the confidentiality, authentication and integrity that it offers, which make it independent, transparent and secure. Experts say that these important principles of security are achievable because blockchains employ hash functions and public key encryption. Briefly discuss how these cryptographic techniques offer the confidentiality, authentication and integrity that give blockchain its security.
A keylogger was used to get the password of a victim's Facebook account, and the hacker tried to extort money from the victim. The victim is informed that the contents of his emails will be abused unless he pays the money. What was the offence that was committed in violation of RA 10175? What are the ramifications? Justify your answer.
Similar questions
- The act of comparing and contrasting is utilised to analyse the distinct roles and obligations of diverse access control groups in the context of computer security.
- First, argue for the best information security practice, whether a block cipher or stream cipher should be used to encrypt a video data file sent through the internet as part of a major, successful entertainment service. The entertainment company has a large market share, and ample resources. Secondly, argue for the most secure choice of which kind of cipher should be used for the authentication exchange between the user and the entertainment service web portal. The entertainment service is expensive to the customer, and users are wary of the misuse of their accounts. Consider the nature of the traffic and its pattern, and the nature of the keys to use.
- 1) Measures providing appropriate security, and not necessarily the maximum security that is possible, are required to be generally deployed to protect the confidentiality and integrity of personal data? a) true b) false
- The password of a victim's Facebook account was obtained via the use of a keylogger, and the hacker sought to extort money from the victim as a result of the theft. The victim is informed that the contents of his emails will be exploited unless he pays the required sum of money. What was the crime that was committed in violation of RA 10175? What are the ramifications of this decision? Please provide justification for your answer.
- (1) (a) Describe various issues or challenges for password-based user authentication. (b) Explain the defence mechanism for each of these challenges/attacks.
- In the context of information security, a threat is any action or occurrence that might have a negative outcome for a computer system or application that is enabled by a vulnerability. a) Specify the many ways in which computer systems may be compromised.
- QUESTION 5 Identify seven (7) categories of Access Controls and for each, provide an analytical evaluation of the security circumstances under which each may be appropriately applied.
- In what ways, in your opinion, must the safety of data be guaranteed both while it is being transferred and while it is being stored? Which of the following techniques has been shown to be the most successful with regard to the criterion of data integrity and user authentication?
- i) A bank system should include the components of the “CIA triangle”. Discuss these THREE components and their main use. ii) Make up an intrusion scenario that could happen to the bank. How does the bank prevent, detect and react to the intrusion?
- Analyze and contrast the various groups and responsibilities involved in the administration of computer security access.
- One possible approach to safeguarding data through the application of the "Principle of Confidentiality" is through the utilization of a "Cryptographic Technique." This technique involves the use of mathematical algorithms to encode and decode sensitive information, thereby rendering it unreadable to unauthorized parties. By employing such a technique, individuals and organizations can ensure that their data remains secure and protected from potential breaches or unauthorized access.
- The challenge-response authentication mechanism is a security protocol that verifies the identity of a user attempting to access a system or service. This mechanism involves a challenge, which is a request for the user to provide a response that proves their identity. The response is typically a password or other form of authentication credential. The challenge-response mechanism is designed to prevent unauthorised access to sensitive information or resources by ensuring that only authorised users are granted access. The specific features of this approach that confer enhanced security compared to a conventional password-based methodology are not readily apparent.