Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Concept explainers
Expert Solution & Answer
Chapter 8, Problem 2EDM
Explanation of Solution
Key logger software:
Key logger is software which is used to monitor and record every key that is typed on specific computer’s keyboard.
“No”, it is not ethical on Charlie’s part...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Consider the security flaw that was recently found in the system that manages authentication and access. If the truth had been known about this situation, how much, if any, of a difference would it have made to the way things were handled? Is there a record of the money that the corporation has lost, somewhere?
Suppose Charlie had installed key logger software on all company computer systems and had made a copy of Peter's encryption key. Suppose that Charlie had this done without policy authority and without anyone's knowledge, including Peter's.
Would the use of such a tool be an ethical violation on Charlie's part? Is it illegal?
Suppose that Charlie had implemented the key logger with the knowledge and approval of senior company executives, and that every employee had signed a release that acknowledged the company can record all information entered on the company systems. Two days after Peter's call, Charlie calls back to give Peter his key: "We got lucky and cracked it early." Charlie says this to preserve Peter's illusion of privacy. Is such a "little white lie" an ethical action on Charlie's part?
Review each scenario carefully and respond to each question as either (very ethical, ethical, neither ethical nor unethical, unethical, very unethical) and justify your choice.
3. A student found a loophole in the university computer’s security system that allowed him access to other students’ records. He told the system administrator about the loophole, but continued to access others’ records until the problem was corrected two weeks later.
a.The student’s action in continuing to access others’ records for two weeks was:
Chapter 8 Solutions
Principles of Information Security (MindTap Course List)
Ch. 8 - Prob. 1RQCh. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Prob. 6RQCh. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - Prob. 14RQCh. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 1ECh. 8 - Prob. 2ECh. 8 - Prob. 3ECh. 8 - Prob. 4ECh. 8 - Prob. 5ECh. 8 - Prob. 1CEDQCh. 8 - Prob. 2CEDQCh. 8 - Prob. 1EDMCh. 8 - Prob. 2EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- Charlie was just getting ready to head home when the phone rang. Caller ID showed it was Peter. “Hi, Peter,” he said into the receiver. “Want me to start the file cracker on your spreadsheet?” “No, thanks,” Peter answered, taking the joke well. “I remembered my passphrase. But I want to get your advice on what we need to do to make the use of encryption more effective and to get it properly licensed for the whole company. I see the value in using it for certain kinds of information, but I’m worried about forgetting a passphrase again or even worse, that someone else forgets a passphrase or leaves the company. How would we get their filesback?” “We need to use a feature called key recovery, which is usually part of PKI software,” said Charlie. “Actually, if we invest in PKI software, we could solve that problem as well as several others.” “OK,” said Peter. “Can you see me tomorrow at 10 o’clock to talk about this PKI solution and how we can make better use of encryption?” (Case Study…arrow_forwardConsider the security weakness detected in the login and access system. Would the truth have altered anything? Is the company's loss recorded?arrow_forwardTake into consideration the recently found flaw in the system that handles authentication and access control. If this is the case, then what impact did it have on the activities that took place on a daily basis? Is there a record of the amount of money that has been lost by the company?arrow_forward
- Which of our objectives would be most likely to be achieved if we were to get support for authentication? The benefits and drawbacks of different authentication strategies will be covered in the sections that follow.arrow_forwardProvide an example of a fictitious login management situation. Different types of authentication procedures should be identified. Does the use of passwords seem to be fading away?arrow_forwardAre you able to provide an example of a particular scenario that calls for authentication? Think about the advantages and disadvantages of the different authentication techniques.arrow_forward
- You could find yourself in a discourse about security events involving access control or authentication at some point. To be more specific, how did it influence the day-to-day operations of the company? How much money does it seem like the company has thrown away?arrow_forwardRespond to the following in a minimum of 175 words: Discuss a cryptography attack scenario. Choose an attack and explain how it works. Be sure to choose one that hasn’t been mentioned by another classmate. What countermeasures would you apply? How do the countermeasures you would use compare to those your classmates recommended for the attacks they chose? What do those similarities or differences tell you about fighting these types of attacks?arrow_forwardIs there any chance that authentication might help us reach our goals?Here, we'll take a look at the pros and cons of many authenticator methods and see how they stack up against one another.arrow_forward
- Let us consider an application where we need to run a secure Information Management System.We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself.Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen.1. Based on your knowledge in computer security, which cryptographic mechanisms would you…arrow_forwardLet us consider an application where we need to run a secure Information Management System.We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised.Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself.Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen.2. Which cryptographic mechanisms would you implement in order to protect the usernames and…arrow_forwardWhat happens if the security of the information is not enforced? Where are mistakes more likely?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,