<?xml version="1.0"?>
<rss version="2.0">
   <channel>
      <title>cscexercise by Siti Marwani</title>
      <link>https://padlet.com/sitimarwani_97/kprxuye51eio</link>
      <description></description>
      <language>en-us</language>
      <pubDate>2018-12-26 17:51:53 UTC</pubDate>
      <lastBuildDate>2018-12-26 18:11:13 UTC</lastBuildDate>
      <webMaster>hello@padlet.com</webMaster>
      <image>
         <url></url>
      </image>
      <item>
         <title>chapter 7 exercise</title>
         <author>sitimarwani_97</author>
         <link>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316694848</link>
         <description><![CDATA[<div>1.   Security isn’t simply a technology issue, it’s a business issue. Discuss.<br><br></div><div>Employees' use of unauthorised personal mobile devices can be a threat because such a device is an unknown object on the IT network. For example, if a user were to save business data onto an unauthorised device and the device was then infected by malware, the data could end up in the wrong hands! However, it is not about the IT department forbidding personal devices – if devices are approved then they are safe to have on the network. It’s all about having policies in place and training employees on how to access business data securely. The training should not be limited to the use of mobile devices but should cover general IT security practices, such as always encrypting email containing sensitive data or never writing login credentials on a piece of paper.<br><br></div><div> </div><div>2.   Who poses the biggest security threat: insiders or outsiders?<br>Insiders, as they have access to sensitive information on a regular basis, and may know how that information is protected. If they want to steal it or leak it they can usually do so with far greater ease than outsiders. Furthermore, insiders may also accidentally leak data or otherwise put it at risk – something that outsiders typically cannot do. Whether by attaching the wrong file to an email being sent, oversharing on social media, losing a laptop or USB drive, or through some other mistake, insiders can put an organization's data at risk with little effort.<br><br></div><div> 3.   Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats? </div><div><br>Malicious software and computer viruses are some of the biggest security threats to any e-commerce website. 
Viruses are normally from external sources and can corrupt files on the website if introduced into the internal network. Viruses can completely destroy a computer system and disrupt the operations of the website. A Trojan horse is malicious software that has the ability to capture the clients’ information before any encryption software can take effect. It can also impersonate a customer and pass bad and malicious code to the server running the website. To avoid these viruses, users should exercise reasonable precautions in order to minimize the introduction and spread of computer viruses onto the Rhodes networks. Virus scanning software should be used to check any software downloaded from the Internet or obtained from any questionable source. Virus protection software has to be installed on the computer, checked frequently for virus signature updates, and actually used to scan the files on the PC.<br><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-26 17:53:18 UTC</pubDate>
         <guid>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316694848</guid>
      </item>
      <item>
         <title>case study</title>
         <author>sitimarwani_97</author>
         <link>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316695134</link>
         <description><![CDATA[<div><strong>1.</strong>      <strong>Is cyberwarfare a serious problem? Why or why not?</strong></div><div>Cyberwarfare is a serious problem because it poses a unique and daunting set of challenges for security experts, not only in detecting and preventing intrusions but also in tracking down perpetrators and bringing them to justice. </div><div> </div><div><strong>2.</strong>      <strong>What solutions are available for this problem? Do you think they will be effective? Why or why not?</strong></div><div>Congress is considering legislation that would require all critical infrastructure companies to meet newer, tougher cyber security standards. As cyberwarfare technologies develop and become more advanced, the standards imposed by this legislation will likely be insufficient to defend against attacks.</div><div> </div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-26 17:58:04 UTC</pubDate>
         <guid>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316695134</guid>
      </item>
      <item>
         <title>chapter 7/8 exercise </title>
         <author>sitimarwani_97</author>
         <link>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316695191</link>
         <description><![CDATA[<div>Question 1<br>Briefly explain the following computer crimes.<br>a)       Sniffer</div><div>A program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently.</div><div><br>b)      Phishing</div><div>Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.</div><div><br>c)       Pharming</div><div>Pharming is yet another way hackers attempt to manipulate users on the Internet. While <a href="https://techterms.com/definition/phishing">phishing</a> attempts to capture personal information by getting users to visit a fake website, pharming redirects users to false websites without them even knowing it.</div><div><br>d)      Spoofing</div><div>Spoofing is a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver. Spoofing is most prevalent in communication mechanisms that lack a high level of security.</div><div> </div><div> </div><div>Question 2</div><div>a) Distinguish the TWO (2) methods for encrypting network traffic on the Web. (4 marks)</div><div>    1) Secure Sockets Layer (SSL): SSL and its successor Transport Layer Security (TLS) enable client and server computers to establish a secure connection session and manage encryption and decryption activities.</div><div>    2) Secure Hypertext Transfer Protocol (S-HTTP) is another protocol used for encrypting data flowing over the Internet, but it is limited to individual messages.</div><div> </div><div> b) Briefly explain the following terms.</div><div>i. Cyber warfare</div><div>Cyber warfare is the use or targeting, in a battlespace or warfare context, of computers, online control systems and networks. 
It involves both offensive and defensive operations pertaining to the threat of cyberattacks, espionage and sabotage. There has been controversy over whether such operations can be called "war".</div><div> </div><div>ii. Computer Forensic</div><div>Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally.</div><div> </div><div>Question 3</div><div>a) Without protection against malware and intruders, connecting to the Internet could be very dangerous. Firewalls, intrusion detection systems and antivirus software have become the tools to overcome this problem. Briefly explain these THREE (3) tools. (6 marks)<br><br>1) Firewalls: a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.<br><br>2) Intrusion detection system: monitors system activity by examining vulnerabilities in the system and the integrity of files, and by conducting an analysis of patterns based on already known attacks. It also automatically monitors the Internet to search for any of the latest threats which could result in a future attack.<br><br></div><div>3) Antivirus software: Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats.<br><br></div><div> b) Information systems controls is one of the components of an organizational framework for security and control. Information systems controls consist of two types: general and application controls. 
A company must know how and where to deploy security tools and security personnel must know what controls a company must have in place to protect its information system. Contrast General Controls and Application Controls. (8 marks)<br><br>General controls apply to all areas of the organization including the IT infrastructure and support services. Application controls refer to the transactions and data relating to each computer-based application system; therefore, they are specific to each application.<br><br></div><div> Question 4<br><br></div><div>Malicious Software programs are referred to as Malware. Describe FOUR (4) types of malicious software.<br><br></div><div>1)      Spyware - Spyware is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a Spybot or tracking software), Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program.</div><div>2)      Worm - a worm is a self-replicating virus that does not alter files but duplicates itself. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.</div><div>3)      Trojan (Trojan Horse) - a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining a certain area on your hard disk. A Trojan horse may be widely redistributed as part of a computer virus.</div><div>4)      RATs (Remote Admin Trojans) - are a special form of Trojan Horse that allows remote control over a machine. These programs are used to steal passwords and other sensitive information. 
Although they are "invisible", symptoms such as a slow-moving system, CD ports opening and closing and unexplained restarting of your computer may manifest.</div><div> </div><div> Question 5<br>a) Nowadays securing information systems has become an important issue for an organization to protect itself against computer crime. Define computer crime and provide an appropriate example. (3 marks)<br>Any criminal offense that is facilitated by, or involves the use of, electronic communications or information systems, including any electronic device, computer, or the internet. An example is cyberbullying.<br><br></div><div> b) Briefly explain THREE (3) reasons why information systems are vulnerable to destruction, error and abuse. (6 marks)<br><br></div><div>1. Technical: Unauthorized access, introducing errors<br>2. Communications: Tapping, sniffing, message alteration, theft and fraud, radiation<br>3. Corporate servers: Hacking, viruses and worms, theft and fraud, vandalism, denial of service attacks<br><br></div><div> c) Discuss the THREE (3) most important tools and technology for safeguarding information resources. (6 marks)<br><br></div><div>1) Firewalls - prevent unauthorized users from accessing private networks. A firewall is a combination of hardware and software that controls the flow of incoming and outgoing network traffic. It is generally placed between the organization’s private internal networks and distrusted external networks, such as the Internet, although firewalls can also be used to protect one part of a company’s network from the rest of the network.<br><br></div><div>2) Intrusion Detection Systems - Commercial security vendors now provide intrusion detection tools and services to protect against suspicious network traffic and attempts to access files and databases. Intrusion detection systems feature full-time monitoring tools placed at the most vulnerable points or “hot spots” of corporate networks to detect and deter intruders continually. 
The system generates an alarm if it finds a suspicious or anomalous event.<br><br></div><div>3) Unified Threat Management Systems: To help businesses reduce costs and improve manageability, security vendors have combined into a single appliance various security tools, including firewalls, virtual private networks, intrusion detection systems, and Web content filtering and antispam software. These comprehensive security management products are called unified threat management (UTM) systems.<br><br></div><div> Question 6<br>a) Identity management software automates the process of keeping track of all information systems users and their system privileges, assigning each user a unique digital identity for accessing each system. Define authentication. (2 marks)<br>Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.<br><br></div><div> b) Identify and briefly describe FOUR (4) authentication technologies. (8 marks)<br><br></div><div>1) Passwords<br>A password is a shared secret known by the user and presented to the server to authenticate the user. Passwords are the default authentication mechanism on the web today. However, poor usability and vulnerability to large scale breaches and phishing attacks make passwords an unacceptable authentication mechanism in isolation. To a large extent, the value of MFA is that additional authentication mechanisms serve to mitigate the risks associated with passwords.<br><br></div><div>2) Hard Tokens <br>These are small hardware devices that the owner carries to authorize access to a network service. The device may be in the form of a smart card, or it may be embedded in an easily-carried object such as a key fob or USB drive. The device itself contains an algorithm (a clock or a counter), and a seed record used to calculate the pseudo-random number. Users enter this number to prove that they have the token. 
The server that's authenticating the user must also have a copy of each key fob's seed record, the algorithm used and the correct time. The historical challenge of relying on hardware tokens for MFA has been the requirement that users always carry these tokens with them.<br><br></div><div>3) Soft Tokens<br>These software-based security token applications typically run on a smartphone and generate an OTP for signing on. Software tokens have some significant advantages over hardware tokens. Users are less likely to forget their phones at home than lose a single-use hardware token. When they do lose a phone, users are more likely to report the loss, and the soft token can be disabled. Soft tokens are less expensive and easier to distribute than hardware tokens, which need to be shipped.<br><br></div><div>4) Biometric Authentication <br>Biometric authentication methods include retina, iris, fingerprint and finger vein scans, facial and voice recognition, and hand or even earlobe geometry. The latest phones are adding hardware support for biometrics, such as TouchID on the iPhone. Biometric factors may demand an explicit operation by the user (e.g., scanning a fingerprint), or they may be implicit (e.g., analyzing the user's voice as they interact with the help desk).<br><br></div><div> Question 7<br>a)       Describe ransomware. (3 marks)</div><div>Ransomware is a type of malware that prevents you from using your computer or accessing certain files unless you pay a ransom. It often encrypts files so that they cannot be opened.<br><br></div><div> b)      State how we prevent and protect our computer from ransomware. (3 marks)</div><div>1.       Make sure you have installed an up-to-date anti-malware or anti-virus tool</div><div>2.       Scan attachments</div><div>3.       Ask before you open</div><div> <br>c)    Discuss the effects of computer crime to an organization. 
(4 marks)</div><div>Damage to intellectual property resulting in the loss of a competitive edge</div><div>Without diminishing the effects of the exposure of sensitive customer information, cybercrime and data leaks can also have a negative impact on a company's competitive edge. Consider the effects of having intellectual property like business ideas, marketing campaigns or business expansion plans stolen or exposed. This breach might render any of these ideas useless or ineffective and result in serious damage towards business growth and revenue gains, especially if they land up in the hands of one’s competitors.<br><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-26 17:59:32 UTC</pubDate>
         <guid>https://padlet.com/sitimarwani_97/kprxuye51eio/wish/316695191</guid>
      </item>
   </channel>
</rss>
