Using MIS (10th Edition)
10th Edition
ISBN: 9780134606996
Author: David M. Kroenke, Randall J. Boyle
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 6, Problem 6.16CS6
Explanation of Solution
Analyzing Security Exchange Commission’s (SEC) view:
- A storage system uses an integrated software/hardware codes provides a supportable rule regarding the storage of records in non-rewriteable and non-erasable state in retention length.
- But it is essential to store the records in permanent retention period instead of placing retention period.
- According to the SEC, their position is difficult to alter a system which combines both integrated hardware and software controls than it is to interfere with a system which has the software applications contains password protected authentications.
- The main role of the SEC is to ensure that there is no record alterations have been made to the system for assuring 100% accuracy...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
One common description of the security issue (from the perspective of the defender) is the preservation of the confidentiality, integrity, and availability of data (and services). From the attacker's point of view, it is possible to conceive about interruption, interception, modification, and creation in many ways.
Is there any relationship between the last four ideas and the first three concepts mentioned? Is there a match-up between any of the four and any of the other three players? If so, does one or more of the four include at least one of the three? Is there anything that comes within the purview of one formulation but not the other, and vice versa?
Which framework is more advantageous, and why is this so?
Do you believe that unauthorised individuals were responsible for the most recent security breach that included access control and authentication and was reported in the news? Is there any indication that it has had any kind of an impact on the way that day-to-day activities are carried out? How much cash has been squandered by the company?
Therefore, what is the intended objective of implementing this requirement for authentication? It is pertinent to evaluate the benefits and drawbacks of the diverse array of verification methodologies that exist in contemporary times.
Chapter 6 Solutions
Using MIS (10th Edition)
Ch. 6.3 - Prob. 1EGDQCh. 6.3 - Prob. 2EGDQCh. 6.3 - Prob. 3EGDQCh. 6.3 - Prob. 4EGDQCh. 6.3 - Prob. 5EGDQCh. 6.3 - Prob. 6EGDQCh. 6.3 - Prob. 7EGDQCh. 6.3 - Prob. 8EGDQCh. 6.3 - Prob. 9EGDQCh. 6.7 - Prob. 1QLQ
Ch. 6.7 - Prob. 2QLQCh. 6.7 - Prob. 3QLQCh. 6.7 - The article mentions that quantum computers will...Ch. 6.8 - Prob. 1SGDQCh. 6.8 - Prob. 2SGDQCh. 6.8 - Prob. 3SGDQCh. 6.8 - Prob. 4SGDQCh. 6.8 - Prob. 5SGDQCh. 6.8 - Prob. 6.1ARQCh. 6.8 - Prob. 6.2ARQCh. 6.8 - Prob. 6.3ARQCh. 6.8 - Prob. 6.4ARQCh. 6.8 - Prob. 6.5ARQCh. 6.8 - Prob. 6.6ARQCh. 6.8 - Prob. 6.7ARQCh. 6.8 - Prob. 6.8ARQCh. 6 - Prob. 6.1UYKCh. 6 - Prob. 6.2UYKCh. 6 - Prob. 6.3UYKCh. 6 - Prob. 6.4UYKCh. 6 - Prob. 6.5UYKCh. 6 - Prob. 6.6UYKCh. 6 - Prob. 6.7CE6Ch. 6 - Prob. 6.8CE6Ch. 6 - Prob. 6.9CE6Ch. 6 - Prob. 6.1CE6Ch. 6 - Prob. 6.11CE6Ch. 6 - Prob. 6.12CE6Ch. 6 - Prob. 6.14CS6Ch. 6 - Prob. 6.15CS6Ch. 6 - Prob. 6.16CS6Ch. 6 - Prob. 6.17CS6Ch. 6 - Prob. 6.18CS6Ch. 6 - Prob. 6.19CS6Ch. 6 - Prob. 6.2CS6Ch. 6 - Prob. 6.21MMLCh. 6 - Prob. 6.22MML
Knowledge Booster
Similar questions
- Consider the recently identified susceptibility in the access and authentication management system. To what extent would the veracity of this issue have impacted the course of action taken? Is there a record of the corporation's financial deficits?arrow_forwardTherefore, what is the intended objective of implementing this requirement for authentication? It is imperative to evaluate the benefits and drawbacks of the various verification methodologies that exist in contemporary times.arrow_forwardSuppose that you are appointed as Chief Security Office (CSO) in an organization which deals with very critical and classified resources. The resources are so highly confidential that only authorized personnel should be given access to this facility. Access to unauthorized people may cause severe threats to national security. This facility is newly built and currently doesn’t have any automated information technology-based authentication system. After being appointed as CSO, the first task you have been assigned is to design an IT based authentication system which verifies the identity of a person when he/she wants to access the facility. Propose and explain an authentication system which can be used for verification of employees to let only those personnel give access to classified resources who have proper access rights. Please note that single factor authentication may not serve the purpose well.arrow_forward
- First, argue for the best information security practice, whether a block cipher or stream cipher should be used to encrypt a video data file sent through the internet as part of a major, successful entertainment service. The entertainment company has a large market share, and ample resources. Secondly, argue for the most secure choice of which kind of cipher should be used for the authentication exchange between the user and the entertainment service web portal. The entertainment service is expensive to the customer, and users are wary of the misuse of their accounts. Consider the nature of the traffic and its pattern, and the nature of the keys to use.arrow_forwardComputer Science Pick one security law that most interests you with an emphasis on the areas that impact information security and assurance. Write a 1 page summary that includes what it is, what is its purpose/relevance, why is it important, who or what it applies to, ramnifications if not followed, and impact on information and assurance.arrow_forwardIt would be highly appreciated if you could furnish additional context regarding the underlying reasoning behind the authentication methodology. Through a comparative and analytical examination of various authentication methodologies, one can evaluate the advantages and disadvantages associated with each approach.arrow_forward
- With the use of authentication, can we achieve any of our objectives?We'll compare the advantages and disadvantages of different forms of authentication in this section.arrow_forwardWhere do you believe the responsibility for information security begins and ends in a company? In order to know when security policies and procedures become active and inactive, we must know how much control the organization has over those times. Perceived or actual, do you think any of these boundaries will be increased in size? If this is the case, tell us how and why you went about it. If this isn't the case, why is that?arrow_forwardWhat is the difference between security policy and information security standards in terms of whether they are static or dynamic? Do you think there was anything in particular that contributed to the occurrence of this problem?arrow_forward
- Assume you've been named Chief Security Officer (CSO) of a company that deals with highly sensitive and classified information. Because the materials are so sensitive, only authorised people should have access to this facility. Unauthorized access could pose a serious threat to national security. This facility is very new, and there is currently no automated information technology-based authentication mechanism in place. The first assignment you were given after being appointed as CSO was to build an IT-based identification system that checks a person's identity when he or she wishes to use the facility. Propose and describe an authentication system that can be used to verify employees and allow only those personnel with proper access rights to access classified resources. Please keep in mind that single factor authentication may not be sufficient.arrow_forwardFind an application in which a reliable Information Management System is needed. We must collect extremely sensitive information from our consumers and store it in our system. These details are submitted to us in electronic format. Even from ourselves, we must protect our consumers' secrecy; we must not see the information they present to us, otherwise the confidentiality will be jeopardised. As an information security officer, the duty is to double-check the validity of sensitive documents before storing them with the proper users. You have no access to the users' usernames and passwords, which you can save but not recover until the user gives you permission. Second, even though the whole database is compromised or robbed, you must encrypt the passwords and usernames to make it difficult for everyone to access them. (including server administrators) besides the users.Which cryptographic mechanisms, based on your knowledge of computer security, would you enforce in order to operate the…arrow_forwardTo what extent and in what ways does physical security vary from other types of security? We need to know what are the most pressing physical security risks of our day. In what ways do they make themselves known to the general public, and in what ways do their assaults on the organization come to bear?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning