Study Guide
Q1: What is the goal of information systems security?
Q2: How big is the computer security problem?
Q3: How should you respond to security threats?
Q4: How should organizations respond to security threats?
Q5: How can technical safeguards protect against security threats?
Examples of Threat/Loss
Faulty Service
Incorrect data modification
Systems working incorrectly
Procedural mistakes
Programming errors
IT installation errors
Usurpation
Denial of service (unintentional)
Loss of Infrastructure
Human accidents
Theft and terrorist events
Disgruntled or terminated employee
Natural disasters
Advanced Persistent Threat (APT) or cyberwarfare
InClass 12: Phishing for Credit Cards, Identifying Numbers, Bank Accounts
In this exercise, you and a group of your fellow students will investigate phishing attacks. Search the Web for phishing, but be aware that your search may get the attention of an active phisher. Therefore, do not give any data to any site you visit as part of this exercise!
Firewalls
Malware Safeguards
1. Use antivirus and antispyware programs.
2. Scan frequently.
3. Update malware definitions.
4. Open email attachments only from known sources.
5. Install software updates.
6. Browse only reputable Internet neighborhoods.
Account Administration
Account Management
Standards for new user accounts, modification of account permissions, removal of unneeded accounts
Password Management
Users should change passwords frequently
Help Desk Policies
Systems Procedures
Q9: 2023
APTs more common, inflicting serious damage
Security of mobile devices improved
Improved security procedures and employee training
Criminals focus on less protected mid-sized and smaller organizations, and individuals
Electronic lawlessness by organized gangs
Electronic sheriffs patrol electronic borders
Guide: Metasecurity
What are the security problems?
What are the managers' responsibilities for controls over the security system?
Active Review
Q1: What is the goal of information systems security?
Q2: How big is the computer security problem?
Q3: How should you respond to security threats?
Q4: How should organizations respond to security threats?
Q5: How can technical safeguards protect against security threats?
Q6: How can data safeguards protect against security threats?
Q7: How can human safeguards protect against security threats?
Q8: How should organizations respond to security incidents?
Q9: 2023?