You are on page 1of 5

\Maximum grade: 10

1. Why are computer systems so vulnerable? Describe the most common security
threats against Information Systems
The computer system are so vulnerable because
Operating systems have fewer vulnerabilities that can lead to massive Internet
worms. For instance, during 2002-2005, Microsoft Windows worms like Blaster,
Nachi, Sasser and Zotob infected a large number of systems on the Internet On
the other hand, vulnerabilities found anti-virus, backup or other application
software, can result in worms. There is growth in the number of client-side
vulnerabilities, including vulnerabilities in browsers, in office software, in
media players and in other desktop applications. These vulnerabilities are being
discovered on multiple operating systems and are being massively exploited in
the wild, often to drive recruitment for botnets. Users who are allowed by their
employers to browse the Internet have become a source of major security risk for
their organizations. A few years back securing servers and services was seen as
the primary task for securing an organization. Today it is equally important,
perhaps even more important, to prevent users having their computers compromised
via malicious web pages or other client-targeting attacks. Attackers are finding
more creative ways to obtain sensitive data from organization

The common security threats against information system is


A well-known cause of computer problems are viruses, or damaging programs that
are introduced to computers or networks. Some viruses rewrite coding to make
software programs unusable, while others scramble or destroy data. Many viruses
spread quickly and operate subtly, so they may not be noticed until the damage
has already been done.
Hackers have two main methods of causing problems for businesses' computer
systems: they either find a way to enter the system and then change or steal
information from the inside, or they attempt to over-whelm the system with
information from the outside so that it shuts down. One way a hacker might enter
a small business's computer network is through an open port, or an Internet
connection that remains open even when it is not being used. They might also
attempt to appropriate passwords belonging to employees or other authorized
users of a computer system. Many hackers are skilled at guessing common
passwords, while others run programs that locate or capture password
information.
Another common method of attack used by hackers is e-mail spoofing. This method
involves sending authorized users of a computer network fraudulent e-mail that
appears as if it were sent by someone else, most likely a customer or someone
else the user would know. Then the hacker tries to trick the user into divulging
his or her password or other company secrets. Finally, some hackers manage to
shut down business computer systems with denial of service attacks. These
attacks involve bombarding a company's Internet site with thousands of messages
so that no legitimate messages can get in or out.

2. What is the difference between a Virus, a Worm, and a Trojan horse?


Difference between
Trojan horse-It is a program, using this program it will make the victim
system to make listen on particular port, so that attacker can do anything on
our system, i.e he can tamper the data,theft the data,destroy the data etc....,
trojan horse wont spread in to the system like a virus so it wont effect the
system performence.
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it
was named after. The Trojan Horse, at first glance will appear to be useful
software but will actually do damage once installed or run on our computer.
Those on the receiving end of a Trojan Horse are usually tricked into opening
them because they appear to be receiving legitimate software or files from a
legitimate source. When a Trojan is activated on our computer, the results can
vary. Some Trojans are designed to be more annoying than malicious (like
changing our desktop, adding silly active desktop icons) or they can cause
serious damage by deleting files and destroying information on our system.
Trojans are also known to create a backdoor on our computer that gives malicious
users access to your system, possibly allowing confidential or personal
information to be compromised. Unlike viruses and worms, Trojans do not
reproduce by infecting other files nor do they self-replicate.

virus-It is a malicious program, using this program it will damage our system,
by injecting the virus in to another programs or files, so that it will regrade
our system performance. virus will come to the system with user interaction
only.
A computer virus attaches itself to a program or file enabling it to spread
from one computer to another, leaving infections as it travels. Like a human
virus, a computer virus can range in severity: some may cause only mildly
annoying effects while others can damage your hardware, software or files.
Almost all viruses are attached to an executable file, which means the virus may
exist on our computer but it actually cannot infect our computer unless we run
or open the malicious program. It is important to note that a virus cannot be
spread without a human action, (such as running an infected program) to keep it
going.
People continue the spread of a computer virus, mostly unknowingly, by sharing
infecting files or sending e-mails with viruses as attachments in the e-mail

worm-It is also one type of virus, using this program it will damage our system
like virus, not only system it will spread's through out the network and checks
for honey pot of our os, and enter in to the os,it will regrade ur system
performence and also it will eat our network bandwidth also.
A worm is similar to a virus by design and is considered to be a sub-class of a
virus. Worms spread from computer to computer, but unlike a virus, it has the
capability to travel without any human action. A worm takes advantage of file or
information transport features on our system, which is what allows it to travel
unaided.
The biggest danger with a worm is its capability to replicate itself on our
system, so rather than our computer sending out a single worm, it could send out
hundreds or thousands of copies of itself, creating a huge devastating effect.
One example would be for a worm to send a copy of itself to everyone listed in
our e-mail address book. Then, the worm replicates and sends itself out to
everyone listed in each of the receiver's address book, and the manifest
continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks
the end result in most cases is that the worm consumes too much system memory
(or network bandwidth), causing Web servers, network servers and individual
computers to stop responding.

3.What is a computer crime? Provide two examples of crime in which computers are
targets and two examples in which computers are used as instruments of crime.

A computer crime is any illegal action where the data on a computer is accessed
without permission. This access doesn't have to result in loss of data or even
data modifications. Arguably the worst computer crime occurs when there are no
indications that data was accessed.
Computer crime is often attributed to rogue hackers and crackers, but
increasingly organized crime groups have realized the relative ease of stealing
data with relative low-level of risk

Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally


refers to criminal activity where a computer or network is the source, tool,
target, or place of a crime. These categories are not exclusive and many
activities can be characterized as falling in one or more. Additionally,
although the terms computer crime and cybercrime are more properly restricted to
describing criminal activity in which the computer or network is a necessary
part of the crime, these terms are also sometimes used to include traditional
crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which
computers or networks are used. As the use of computers has grown, computer
crime has become more important.

Computer crime issues have become high-profile, particularly those surrounding


hacking, copyright infringement through warez, child pornography, and child
grooming. There are also problems of privacy when confidential information is
lost or intercepted, lawfully or otherwise

Computer as a target The attack seeks to deny the legitimate users or owners
of thesystem access to their data or computers. A Denial-of-Service (a.k.a., DOS
or DDOS) attack or a virus that renders the computer inoperable would be
examples of this category.
Computer As the Target
Crimes in which the computer is the target include such offenses as theft of
intellectual property, theft of marketing information (e.g., customer lists,
pricing data, or marketing plans), or blackmail based on information gained from
computerized files (e.g., medical information, personal history, or sexual
preference). Unlawful access to criminal justice and other government records is
another crime that targets the computer directly. This crime covers changing a
criminal history; modifying want and warrant information; creating a driver's
license, passport, or another document for identification purposes; changing tax
records; or gaining access to intelligence files.
One of the best examples of a crime in which the computer is the target can
be found in the book The Cuckoo's Egg by Cliff Stoll. The book recounts the true
story of a hacker from Hanover, Germany, who infiltrated a number of computers
in the United States, including those of universities, the military, and
government contractors. The hacker attempted to locate and steal national
security information in order to sell it to foreign governments, a clear
illustration of making computers the targets of crime

_ The computer as an instrument of the crime


The computer is used to gain some other
criminal objective. For example,
1) A thief may use a computer to steal personal information
2)nd example of using a computer as the instrument to commit a crime is the
growing problem of individuals' using cellular phones and electronically billing
charges to other customers. In these cases, offenders obtain cellular billing
identification codes by using scanning devices, which are small parabolic
(curve-shaped) antennae connected to portable computers. When activated, these
scanners capture and store account numbers transmitted by cellular phones.
The offenders operate near highways, because motorists frequently make calls
from their cars. Once they capture the computerized billing codes, they program
these codes into other cellular phones simply by hooking up the phone to a
personal computer. Then, using software originally developed by programmers in
London, they reprogram the signal chip in the cellular phone. The use of this
software, which is easy to copy and to use, is spreading across the United
States and Canada, sometimes being shared through underground computer bulletin
board services (BBS).

4. What security problems are created by employees?


The security problems created by employees are:
1)the executive authorpze plan,ensure security & privacy protection are
integrated & accept risk to the information system
2)Managers develop requirements assess information security information
sensitivity & privacy needs ,develop security plans & work with IT & security on
monitoring
3)IT staff provides document & monitor technical security controls & are
consider the owners of the infrastructure of information system
4)security staff manages the security programe assess risks consult & review
the security plan & privacy impact assessment & manage the monitoring compliance
of reporting activity
5)Auditors review security programme & system for compliance according to
organizational policy or legal requirement
6) Supervisors assure staff compliance with security & privacy training
training &awareness requirements

5. What is the function of risk assessment? How is it conducted for information


systems?
RISK ASSESSMENT
Risk assessment is the first process in the risk management methodology.
Organizations use riskassessment to determine the extent of the potential threat
and the risk associated with an ITsystem throughout its SDLC. The output of this
process helps to identify appropriate controls forreducing or eliminating risk
during the risk mitigation process

Risk Assessment Function

1) Access to education services in target areas and educational policies to


enhance gender equity and cultural pluralism
2)Health - Quality of maternal-child health services

3) providing Income for Production and marketing for small farmers, micro-
entrepreneur businesses, economic activity, and family nutrition

4)providing enviornment for Resource management in selected bio-regions,


policies affecting the environment, and institutional strengthening

5)Trade (Competitiveness) - More open trade and investment policies, accelerated


market integration, and more equitable and efficient labor markets

6) Coordination of budget and annual reporting

The Risk Assessment is conducted in following ways


1. Assign responsibility for leading risk assessment to an individual.
2. Assemble individuals to participate on the assessment team. May include
members from the unit's business and program areas, as well as IT and human
resources functions.
3. Determine the scope of the assessment Will it cover all unit information
technology or a single new asset?
4. If the scope is broad it identifies the unit's information assets through a
comprehensive business impact analysis, then categorize the assets and
prioritize them by criticality.
5. Perform the risk assessment.
6. Document results in a report and submit it to unit management.
7. Document management decisions relating to the accepted level of risk.
8. Develop a work plan to address the most critical risks and track progress
toward remediation or mitigation.
9. Select and implement cost-effective protective measures in the course of the
unit's planning and budgeting process.
10. Over time measure progress using the baseline established by the initial
assessment.

You might also like