IT10

Rhea Mae F. Melendres

BSIT 3-B
Module 1
D. Pre Test

1. How do you understand Information Security?

- refers to the processes and methodologies which are designed and
implemented to protect print, electronic, or any other form of confidential,
private and sensitive  information  or data from unauthorized access, use,
misuse, disclosure, destruction, modification, or disruption.

2. Why information assurance and security important?

- is  important  to organizations because it ensures that user data is
protected both in transit and throughout storage. Information
assurance  has become an  important  component of data  security  as
business transactions and processes consistently rely on digital handling
practices.

E. Assessment:
I. Essay:

1. What is the difference between a threat agent and a threat?

 Threat agent: The specific instance or a component of a threat. For
example, all hackers in the world present a collective threat, while
Kevin Mitnick, who was convicted for hacking into phone systems, is
a specific threat agent. Likewise, a lightning strike, hailstorm, or
 tornado is a threat agent that is part of the threat of severe storms.
Threat: A category of objects, persons, or other entities that presents
a danger to an asset.

2. What is the difference between vulnerability and exposure?

 Vulnerability: A weaknesses or fault in a system or protection
mechanism that opens it to attack or damage.  Exposure is a single
instance when a system is open to damage.

3. What type of security was dominant in the early years of computing?

- Physical  security  was dominating because computing was not
hyper-connected and you physically had to be at
the computing device to use it.

4. Describe the critical characteristics of information. How are they used in

the study of computer security?
- Confidentiality ensures that only those with the rights and privileges
to access information are able to do so. - Integrity of  information  is
maintained when it is whole, complete, and uncorrupted.

5. Identify the six components of an information system and describe

them.
 Software - The software component of the IS comprises applications,
operating systems, and assorted command utilities. Software is
perhaps the most difficult IS component to secure. The exploitation of
 errors in software programming accounts for a substantial portion of
the attacks on information.
 Hardware - Hardware is the physical technology that houses and
executes the software, stores and transports the data, and provides
interfaces for the entry and removal of information from the system.
Physical security policies deal with hardware as a physical asset and
with the protection of physical assets from harm or theft.
 Data - Data stored, processed, and transmitted by a computer system
must be protected. Data is often the most valuable asset possessed
by an organization and it is the main target of intentional attacks.
Systems developed in recent years are likely to make use of database
management systems.
 People - Though often overlooked in computer security
considerations, people have always been a threat to information
security. Legend has it that around 200 B.C. a great army threatened
the security and stability of the Chinese empire. So ferocious were the
invaders that the Chinese emperor commanded the construction of a
great wall that would defend against the Hun invaders.
 Procedures - Another frequently overlooked component of an IS is
procedures. Procedures are written instructions for accomplishing a
specific task. When an unauthorized user obtains an organization’s
procedures, this poses a threat to the integrity of the information. For
example, a consultant to a bank learned how to wire funds by using
the computer center’s procedures, which were readily available.
 Networks - The IS component that created much of the need for
increased computer and information security is networking. When
information systems are connected to each other to form local area
networks (LANs), and these LANs are connected to other networks
such as the Internet, new security challenges rapidly emerge.
6. What system is the father of almost all modern multiuser systems?

- MULTICS

7. Why is the top-down approach to information security superior to the

bottom-up approach?
- Unlike bottom-up approach, the top down approach has a higher
probability of success. It is a methodology of
establishing security policies that is initiated by upper management
who issue policies, procedures, and process.

8. Which members of an organization are involved in the security system

development life cycle? Who leads the process?
- Security  professionals are  involved in the SDLC. Senior
management,  security  project team and data owners are leads in the
project.

9. How can the practice of information security be described as both an art

and a science?
-The practice of information security is termed as  both an
art  and science  because  it has the features of both. At some levels
of security implementation, technology is available and can be
used. ... It  is purely an  art of applying the security measures. So it  is
termed as an  art in such cases.

10.How does security as a social science influence its practice?

- A third view to consider is information security as a social science,
which integrates some of the components of art and science and adds
another dimension to the discussion. Social science examines the
behavior of individuals as they interact with systems, whether these are
 societal systems or, as in this context, information systems. Information
security begins and ends with the people inside the organization and
the people that interact with the system, intentionally or otherwise.

11.Who is ultimately responsible for the security of information in the

organization?
- Everyone is responsible for the security of information  within a business.
From the owner down to a summer intern, by being involved in  the
business and handling data, you have to make sure to keep information
secure and remain vigilant to security threats like hackers.

12.What is the relationship between the MULTICS project and the early
development of computer security?

- MULTICS Much of the early research on computer security centered on a

system called Multiplexed Information and Computing Service (MULTICS).
Although it is now obsolete, MULTICS is noteworthy because it was the first
operating system to integrate security into its core functions. It was a
mainframe, time-sharing operating system developed in the mid-1960s by a
consortium of General Electric (GE), Bell Labs, and the Massachusetts Institute
of Technology (MIT).

13.What was important about Rand Report R-609?

- The importance of Rand Report R-609 is it was the first widely
recognized published document to identify the role of management and
policy issues in computer security.
 14.Who should lead a security team? Should the approach to security be
more managerial or technical?
- Champion or Senior executive who is at the highest level or the
organization should lead a security team.

I. Exercises:
1. Consider the information stored on your personal computer. For
each of the terms listed, find an example and document it: threat, threat
agent, vulnerability, exposure, risk, attack, and exploit.
2. Using the Web, identify the chief information officer, chief
information security officer, and systems administrator for your school.
Which of these individuals represents the data owner? Data custodian?

3. Using the Web, find out more about Kevin Mitnick. What did he
do? Who caught him? Write a short summary of his activities and explain
why he is infamous.

III. Case Exercises

The next day at SLS found everyone in technical support busy restoring computer
systems to their former state and installing new virus and worm control software.
Amy found herself learning how to install desktop computer operating systems
and applications as SLS made a heroic effort to recover from the attack of the
previous day.

Questions:
1. Do you think this event was caused by an insider or outsider? Why
do you think this?

- I believe that this could go both ways this could of came from an insider by
maybe starting a virus from plugging in a USB flash drive that may could
have been infected by a worm or virus. Also I say this could of came from
the outside because one of the employees could of open at email which
contains Virus or worm which they would receive from an outsider.

2. Other than installing virus and worm control software, what can SLS
do to prepare for the next incident?

- This company should put an industry standard firewall into their corporate
computer operation system Also they can try updated the latest antivirus
software so there able to fight often any new

3. Do you think this attack was the result of a virus or a worm? Why do
you think this?

- I think the result of this attach may be virus but not worm. Because this
attach identified is a security issue which can cause by a virus but worm.