Essentials of MIS (13th Edition)
ISBN: 9780134802756
Author: Kenneth C. Laudon, Jane Laudon
Publisher: PEARSON
Question
Chapter 8, Problem 11CTP
Program Plan Intro
System vulnerability:
- When huge amounts of data are kept in electronic form, they become susceptible to many threats.
- Information systems in many locations are interconnected through communication networks.
- Unauthorized access can occur at many access points in the network and is not limited to a single location.
- Data flowing over networks could be accessed; valuable information could be stolen during transmission, or data could be altered without authorization.
- Denial-of-service attacks are launched by intruders to disrupt website operations.
- The Internet is more vulnerable than internal networks because it is open to everyone.
Explanation of Solution
Comparison of firms:
- The details of two firms that offer security outsourcing services are shown below:
- Company A:
- Company A is one of the leading firms in security outsourcing services.
- The services offered by the company include:
- Customized services
- More expertise in solving security problems.
- Different methods are introduced, along with more security copyrights.
- It provides more security solutions.
- It has professionals with experience in security as well as technological issues...
Explanation of Solution
The choice of outsourcing:
- The company should outsource its computer security based on investment returns.
- It is a better option to choose Company B than Company A.
- Company B provides quick and timely services, which helps the company react proactively.
- It provides more flexibility in services; even though Company A provides customization, flexibility is more important...
Students have asked these similar questions
The organization you work for in Abu Dhabi is a startup company with 2 years in business. To comply with regulations, your CISO has decided to propose implementation of Information Security Management System (ISMS). As a member of the security team, you have to analyze the business needs for ISMS. Demonstrate effective contributions to the ISMS project team relevant to an assigned task as below:
Introduce the Organization
Demonstrate your project team
Highlight the roles and responsibilities of each team member on the project
Develop the ISMS for the organization by utilizing all the steps from the ISO Standard 27001.
Recommend an appropriate encryption algorithm cipher to deploy a business's needs.
Consider security protection best practices to defend against various types of security attacks.
Consider and identify all of the risks in your recommendation.
Consider the most current government regulations and how they will be met.
How will this algorithm cipher be used?
What is the best cipher and why?
What are the reasons why you might not choose the most secure cipher?
As a security officer, you have been requested to assist the company’s recruitment officer with the drafting of a new employee recruitment security protocol that the organization intends to adopt for all recruitment purposes in the future. Provide a brief but comprehensive document which must cover the most important security area the organization needs to focus on when recruiting new employees.