Information Systems Security is the safeguarding of the computer system from attacks or
destruction. Computer systems are vulnerable due the following reasons.
a. Destruction/error/abuse/misuse: -
i. Hardware failure due to natural causes; electrical failure; etc.
ii. Software failure; bugs; poor design etc.
iii. Human errors.
iv. Theft/corruption of data.
v. System penetration by illegal access.
vi. Complex computer system difficult to replicate manually.
vii. As data is more compact, potential loss is greater.
viii. As data is more compact potential damage by abuse/misuse greater.
ix. Advent of networks has greatly increased the potential of unauthorised access.
Paper based systems are less compact and intercommunication is much harder.
b. Risk Assessment: -
Risk can be defined as the product of the amount that may be lost due to a security
exposure and the probability or frequency that such a loss will occur. Potential threats may
be identified by past experience, use of experts or brainstorming techniques as well as their
anticipated frequency (once per month etc.) and potential monetary cost. The controls that
might be necessary to counter the threat are also estimated and a judgment made whether
the control costs are more or less than the threat and if so should the control procedures be
implemented. Controls may be general or application controls.
]General controls are those controls which are not specific in nature. This may include
things like authorization of use and the general awareness of the risks by the employees.
Application controls are those controls over the inputs, processing and the output. This may
includes things such are validation checks and maintenance of data.
c. Worms & Viruses: -
A worm is a program that transfers itself from computer to computer over a network and
plants itself as a separate file on the target computer. This program is destructive in nature
and may destroy data or utilize tremendous computer and communication resources but
does not replicate like viruses.
A worm does not change other programs but can run independently and travel from
machines to machines over the network. Worms can also have portions of themselves
running on many different machines.
A virus is contagious and is a set of illicit instructions which are passed onto any other
programs or documents with which it comes into contact. Viruses are malicious computer
programs. Traditional viruses attach themselves on other executable code, infect the user‘s
computer, replicate themselves on the user‘s hard disk and then damage data, hard disk or
files. Viruses attack the following parts of a computer:-
o Executable program files
o File directory systems
o Boot and system areas that start the computer
o Data files
d. Public Key Encryption (PKE): -
Encryption means encoding a message into some form of code so that only the person
receiving the message can decode the message. PKE uses two keys, a public key and a
private key. The sender uses the public key to encrypt a message which is transmitted over
the internet. When the message is received the recipients use their own private key to decode
the message.
In encryption the message is converted from the plain text into a secure code called cipher
text and cannot be understood before decryption to plain text again.
Encryption key is piece of information that is used within the encryption logarithm to make
encryption or decryption process unique making the user to require a correct key to decipher
the meaning.
Encryption logarithm is a mathematically based function or calculation which encrypts or
decrypts.
In the PKE the two keys work together as a pair. The public key is known to everyone but
the private key is known to an individual thus the only person who can decrypt the message.
gregorymasila answered the question on February 15, 2018 at 15:56
- The development of powerful desktop computers coupled to telecommunication networks
has revolutionized the way organizations may carry out their business.
The following are some alternatives for...(Solved)
The development of powerful desktop computers coupled to telecommunication networks
has revolutionized the way organizations may carry out their business.
The following are some alternatives for an organization‘s internal and external
communications: -
a. Client-Server
b. Internet
c. Intranet
d. Extranet
Date posted: February 15, 2018. Answers (1)
- Consider a supermarket chain and the use they may make of information systems in the
running of their business. Some of the objectives they are...(Solved)
Consider a supermarket chain and the use they may make of information systems in the
running of their business. Some of the objectives they are faced with are: -
a. Easy product identification;
b. Fast customer processing at the cash tills;
c. Extremely efficient stock control;
d. Rapid bulk replacement of goods from suppliers.
Describe in detail how Information Systems can help supermarket chains with these specific
objectives. Your answer should outline the systems involved, the hardware that might be
required and an indication of how the various systems might interact with each other.
Date posted: February 15, 2018. Answers (1)
- Differentiate between pseudo code and flowcharts(Solved)
Differentiate between pseudo code and flowcharts.
Date posted: February 14, 2018. Answers (1)
- What is: (1) Program (2) Algorithm (3) Translator (4) Hardware (5) Object code(Solved)
What is: (1) Program (2) Algorithm (3) Translator (4) Hardware (5) Object code
Date posted: February 13, 2018. Answers (1)
- What is a predicate in a system program?(Solved)
What is a predicate in a system program?
Date posted: February 13, 2018. Answers (1)
- Give one advantage and one disadvantage of using the string data type in a computer program. (Solved)
Give one advantage and one disadvantage of using the string data type in a computer program.
Date posted: February 13, 2018. Answers (1)
- Define a container, an iterator, and an algorithm as they relate to the STL in a computer program.(Solved)
Define a container, an iterator, and an algorithm as they relate to the STL in a computer program.
Date posted: February 13, 2018. Answers (1)
- How does the STL make it easier for a programmer more reliable C++ programs?(Solved)
How does the STL make it easier for a programmer to create more reliable C++ programs.
Date posted: February 13, 2018. Answers (1)
- Describe the function of mutable in a computer program.(Solved)
Describe the function of mutable in a computer program.
Date posted: February 13, 2018. Answers (1)
- Explain the term namespace as used in a C++ program.(Solved)
Explain the term namespace as used in a C++ program.
Date posted: February 13, 2018. Answers (1)
- What is the principal restriction placed on a const member function in a C++ program?(Solved)
What is the principal restriction placed on a const member function in a C++ program?
Date posted: February 12, 2018. Answers (1)
- Explain the purpose of explicit in a C++ program.(Solved)
Explain the purpose of explicit in a C++ program.
Date posted: February 12, 2018. Answers (1)
- What does a conversion function do in a C++ program?(Solved)
What does a conversion function do in a C++ program?
Date posted: February 12, 2018. Answers (1)
- Given a function called counter(), show the statement that causes the compiler to compile this function for C language linkage.(Solved)
Given a function called counter(), show the statement that causes the compiler to compile this function for c language linkage
Date posted: February 12, 2018. Answers (1)
- What header must be included in a C++ program when using array-based I/O ? (Solved)
What header must be included in a C++ program when using an array-based I/O?
Date posted: February 12, 2018. Answers (1)
- What makes a static member variable different from other variables in C++ language?(Solved)
What makes a static member varible different from other member variables in C++ language?
Date posted: February 12, 2018. Answers (1)
- What type of object is obtained by the typeid operator in C++ programming?(Solved)
What type of object is obtained by the typeid operator in C++ programming?
Date posted: February 12, 2018. Answers (1)
- Explain how dynamic-cast can sometimes be an alternative to typeid in C++ programming.(Solved)
Explain how dynamic-cast can sometimes be an alternative to typeid in C++ programming.
Date posted: February 12, 2018. Answers (1)
- In addition to the standard cast, C++ defines four casting operators.What are they and what are they for?(Solved)
In addition to the standard cast, C++ defines four casting operators.What are they and what are they for?
Date posted: February 12, 2018. Answers (1)
- Explain various types of computers(Solved)
Explain various types of computers.
Date posted: February 10, 2018. Answers (1)