Using Your Knowledge –
Security Threats
Chapter 12 page 491 Q2
MGS 3040-03
Group B
Omotayo Adeniyi, Micale Baptiste, Robert Kuhl
Claudia Murcia, Deborah Stroud
Consider the 15 categories of threat in Figure 12-1
Source
below
Problem
Human Error
Malicious Activity Natural Disasters
Unauthorized
data disclosure
Procedural
mistakes
Pretexting
Phishing
Spoofing
Sniffing
Computer crime
Incorrect data
modification
Hacking
Procedural
mistakes Incorrect Computer crime
procedures
Ineffective
accounting
controls
System errors
Incorrect data
recovery
Faulty service
Computer crime
Procedural
mistakes
Usurpation
Development and
installation errors
Service improperly
restored
Disclosure during
recovery
Denial of Service Accidents
DOS attacks
Service
interruption
Loss of
infrastructure
Theft
Terrorist activity
Property loss
Accidents
Using Your Knowledge
Describe the three most serious threats to each of
the following businesses:
•
•
•
•
Local Workout Studio
Neighborhood accounting firm
Dentist’s office
Honda dealership
The three most serious threats to a local workout studio
are:
• Unauthorized data disclosure
o
Human Error - when someone inadvertently releases
data in violation of policy
o
Computer crime - breaking into networks to steal data
such as customer information, or employee's
personal information
The three most serious threats to a local
workout studio con't
• Incorrect data modification
o
System errors - caused by employees when
procedures are followed incorrectly or
procedures have been designed incorrectly
• Faulty service - service impropertly restored
Using Your Knowledge
The three most serious threats in a neighborhood
accounting firm are:
Hacker- A person or thing that hacks. Also it’s when a
person doesn’t have the authority or official power to have
the access to a computer system.
o Viruses- A segment of self- replicating code planted illegally
in a computer program, often to damage or shut down a
system or network.
o Inside threats
o
 Losing client records
 Theft of client records
 Unauthorized discussions with third parties about client
information
Using Your Knowledge
What to do about threats:
o
One of the most important aspects in dealing with internal
threats is through control. You want to control access to only
those who should have access. Document control can take
several forms:
 Using passwords to gain access to network resources as
well as within a document in order to maintain security
 Using document management software to control access
to documents
 Using the file security system built into the server
operating system to secure documents in folders with
access for those users who require access
Using Your Knowledge
Dentist’s office - The three most serious threats
o
Procedural mistakes
 Human error
 Improper internal control of systems that process financial
data
o
Computer crime
 Hacking - attempts to steal customer data
o
Denial of service attacks
 Inadvertent shutdown of Web server by starting a
computationally intensive application
 Malicious hacker can flood a Web server with artificial
traffic so legitimate traffic can't get through
Using Your Knowledge
Honda dealership -The three most serious threats
Unauthorized data disclosure
Human Error
occuring by human error when someone
inadvertently releases data in violation of
policy.
Loss of infrastructure
Accidents
human accidents can cause loss of
infrastructure
Using Your Knowledge
Honda dealership-The three most serious threats
Incorrect data Modification
Malicious Activity
Hacking-Although some people hack
for the sheer joy of doing it, others
hack for the malicious purpose of
stealing or modifying data.
Using Your Knowledge Security Threats
Chapter 12
Group B
The End!!
Thank you for
your time!