MIS 2201 Midterm II (UMD) exam with complete solutions.
3 views 0 purchase
Course
MIS 2201
Institution
MIS 2201
Describe the goal of information systems security
1. Threat - person or organization seeks to obtain data or other assets illegally, without owner's permission and often without owner's knowledge
2. Vulnerability - opportunity for threats to gain access to individual or organizational assets; for...
MIS 2201 Midterm II (UMD) xm with
complete solutions
Describe the goal of information systems security - ANSWER- 1. Threat - person
or organization seeks to obtain data or other assets illegally, without owner's
permission and often without owner's knowledge
2. Vulnerability - opportunity for threats to gain access to individual or
organizational assets; for example, when you buy online, you provide your credit
card data, and as data is transmitted over Internet, it is vulnerable to threats
3. Safeguard - measure individuals or organizations take to block threat from
obtaining an asset; not always effective, some threats achieve their goal in spite
of safeguards
4. Target - asset desired by threat
5. Risk - The probability of a threat exploiting a vulnerability and the resulting
cost.
6. Exploit- Tools or techniques that take advantage of a vulnerability.
Explain the prevalence of the computer security problem - ANSWER- -No one
knows the exact cost of computer crimes
-Data loss single most expensive consequence of computer crime
-80% of respondents believe data on mobile devices poses significant risks
Sources of threats to digital security - ANSWER- Unauthorized data disclosure
-Human error: procedural mistakes
-Computer crime: pretexting, phishing, spoofing, sniffing, hacking
Social Engineering - ANSWER- hackers use their social skills to trick people into
revealing access credentials or other valuable information
, Phishing - ANSWER- the fraudulent practice of sending emails purporting to be
from reputable companies in order to induce individuals to reveal personal
information, such as passwords and credit card numbers.
Spoofing - ANSWER- a situation in which a person or program successfully
identifies as another by falsifying data, to gain an illegitimate advantage
Sniffing - ANSWER- technique for intercepting computer communications
Hacking - ANSWER- unauthorized access, modification, or use of an electronic
device or some element of a computer system
Describe why DOS or DDOS attacks are difficult to defend against - ANSWER- -
sites don't know where the attacks are coming from
-firewalls aren't designed to handle DDoS attacks
-the defense can't be mounted on the hosting provider's infrastructure
Explain how one should respond to security threats and practice safe computing
- ANSWER- - Take security seriously
- Create strong passwords
- Use multiple passwords
- Send no valuable data via email or IM
- Use https at trusted, reputable vendors
- Remove high-value assets from computers
- Clear browsing history
Describe how organizations should respond to security threats. - ANSWER-
Senior management creates company-wide policies:
- What sensitive data will be stores?
- How will data be processed?
- Will data be shared with other organizations?
-How can employees and others obtain copies of data stored about them?
- How can employees and others request changes to inaccurate data?
- Senior management manages risks
Describe how technical safeguards protect against security threats. - ANSWER- -
Identification and authentication
- Encryption
- Firewalls
- Malware protection
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller tuition. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.
