Chapter 7,8,10 As system complexity and our dependence on them increase, companies face the growing risk of their systems being compromised. What are the threats a company faces? Or what are the threats to ais?



Download 0.52 Mb.
View original pdf
Page1/11
Date17.12.2020
Size0.52 Mb.
#55473
  1   2   3   4   5   6   7   8   9   10   11
Chapter 7,8,10


Chapter 7,8,10
1. As system complexity and our dependence on them increase, companies face the growing risk
of their systems being compromised. What are the threats a company faces Or what are the
threats to AIS?
Threats to AIS
Examples
Natural
and
political disasters

fire or excessive heat

floods

earthquakes

high winds

war
Software errors and
equipment
malfunctions

hardware failures

power outages and fluctuations

undetected data transmission errors
Unintentional acts

accidents caused by human carelessness

innocent errors of omissions

lost or misplaced data

logic errors

systems that do not meet company needs
Intentional acts

sabotage

computer fraud

embezzlement
2. Compare preventive, detective and corrective control techniques with example.
Type of control

Examples
Preventive
● People Creation of a “security-aware” culture

Training
● Processes User access controls (authentication and authorization)
● IT solutions

Anti-malware

Network access controls (firewalls, intrusion prevention systems, etc)

Device and software hardening (configuration controls)

Encryption
● Physical security access controls (locks, guards, etc) Detective
● Log analysis
Intrusion detection systems
● Penetration testing
● Continuous monitoring Corrective
● Computer incident response teams (CIRT)
● Chief information security officer (CISO)
● Patch management



Download 0.52 Mb.

Share with your friends:
  1   2   3   4   5   6   7   8   9   10   11




The database is protected by copyright ©ininet.org 2024
send message

    Main page