Free Essay

Essays

In: Computers and Technology

Submitted By joycewango
Words 1440
Pages 6
Security Management and Control

(Date)
(Institution Affiliation)

Introduction
The internet has continued to grow exponentially over time which has led to multiplication of individual, business, and government applications on the internet, with immediate benefits to the end users. These network-based services and applications, however, pose security risks to the information and individual resources of governments and companies. Information that belong to a particular company or individual is an asset that must be protected, therefore, there should adequate security measures to avoid the risk of losing that asset. Network security is a way of protecting the digital information assets of a company. This paper describes the various goals of network security which are: Maintaining information integrity, protecting the information confidentiality and ensuring that the information is available. It is therefore very important that all the networks be protected from all the threats and vulnerabilities for the company to achieve its full potential and goals.
Potential malicious attacks and threats
A threat is defined as any event or circumstance that has the potential to adversely affect the organizational assets, or operations which includes image, functions, mission, or reputation of the company through unauthorized access, disclosure, destruction, modification of information or denial of service. An attack is an exploit or intrusion, which is an assault to a system that makes intentional use of a vulnerability. Examples of malicious attacks are; Hacking, SQL injection, and Password Cracking.
Hacking: Hacking is the unauthorized access of a computer system to get information or data that belongs to someone else. The hacker accesses the system by exploiting s systems’ vulnerability or weakness. The various channels that a hacker gains access to a system are: Misconfiguration attacks, application-level attacks, and operating system attack.
SQL Injection: The attacker may inject SQL (Structured Query Language) command via the webform input box, to make changes to data or gain access to resources. An SQL commands that exploits non-validated input weaknesses may be injected in a database backend and the attacker executes SQL commands via the web application. The use of sequential commands always makes it easier for the attackers to inject SQL commands in the database backend.
Password Cracking: this is a type of an attack where there is penetration to a system network. The attacker uses tools that unlock that resource which is secured with a password. Password cracking can be very simple or sophisticated techniques like brute force attacks, hybrid and dictionary attacks. The password crackers usually identifies encrypted password, retrieve it from computer’s memory through various mechanisms and then decrypts it. The main aim of the password crackers is getting the administrator/root password of the target system, and this gives him/her the administrator rights which enable them to have access to files or applications. The attacker can install a backdoor like Trojan to be able to access to the system in future or even the network sniffer which sniffs the traffic of the network so as to get access to the information that passes around the network. A system which is more powerful in terms computing power than that of the targeted system is used by the attackers for efficient password cracking.
Security controls against potential malicious attacks.
To control hacking, there should be proper authorization techniques to a particular service or resource. The company should implement the firewall technologies that are available. These technologies include hardware devices or programs that protects the services or resources of a private network from the users of another network. Firewall monitor the incoming traffics to pass, refuse or block from accessing the company’s network. Firewall are used with proxy servers and they help by protecting the private networks from hackers or intruders.
To address SQL injection problem, there must proper authentication schemes that prevents the SQL Injection attack, for example, the use of Advance Encryption Standard (AES). The user names and password that are encrypted improves the authentication process. For proper authentication the system server should maintain three parameters for every user who is registered in that system: user’s secret key, user name, and password. The AES scheme has three phases, Registration, Login and Verification Phase. In registration phase, the user selects a unique password and username which is send to the server, which are encrypted by the use of AES algorithm that applies the unique user secret key. In verification phase, the server gets the login query and verifies the corresponding user’s secret key, and if the password and username match then they are decrypted using this key.
The company should also use the password hashing algorithms. Examples of such algorithms are SHA2, MD5, and others. The use of very strong passwords for all the account types can be very useful, lockout policies that restricts the end-user accounts to limit the number of retry attempts, and also the users should not use default account names
Data Loss and Data Theft
The company holds sensitive data that shareholders, business partners, customers, and regulators expects them to protect. However, it is unfortunate that the company experiences high-profile data leakages and massive data loss that involves sensitive corporate and personal data. Example of types of data loss and theft are, Leakage, Disappearance and damage.
Leakage: this is a loss of confidentiality where sensitive data is not controlled by the company any longer. A common example is hacked database. An instance of this is when there was an attack and hackers got an access to records where they stole over 100 million credit-card a US’s largest payment processors.
Disappearance: this is where the correct data copy is not available to the company, which is a loss of availability of the data where the information is erased or become inaccessible and the authorized people cannot get that they need.
Damage: this is the modification of the original data by the attackers. It is a loss of integrity of the data where the information is modified or corrupted, this means unauthorized changing of the information
Impact of the concerns for data loss and data theft.
The incidents of data loss can cause a significant cost to the company. The costs to the company can be very severe which includes liability costs that may not be covered by the insurance policies. The payment processing data that is lost can be repaired for several years, but the customers can clear up the problems and get their finances back. There has been extensive use of electronic records in many fields which possess risks for both the organization and consumers. For the medical records, the risk is privacy and the access of this records access would cause permanent damage rather than temporary. Consequently, the company may face increased regulatory or litigation consequences.
Security controls to protect against data theft and data loss. 1. Encryption: this involves encrypting removable media which will allow the company to ensure that any data that either the employees may take outside the company environment is always secured. Many removable personal devices that has data used for corporate purposes can be encrypted to ensure privacy. For the data that is stored in the encrypted portable device to be read, the user must have a machine that has portable media encryption software installed and it must have the corresponding encryption key 2. Digital rights management (DRM) technology: DRM is a technology that allows the company to encryption techniques to protect data. It uses a technology where the users’ identity should be authenticated first and his/her rights verified to the access the encrypted files. It is form of encryption that remains active when the device is within the company environment or on a shared personal removable device. 3. Synchronize DRM and Content Management Systems (CMS): CMSs allows the control centers for whole content, which includes content production, management and distribution. Integrating DRM-CMS gives solutions that provides the company with the assurance that document and content operations conform to current responsibility, regulatory rules, security and privacy legislation.

References
Abomhara, M., & Kien, G. M. (2015). Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks. Journal of Cyber Security and Mobility, 4(1), 65-88. doi:10.13052/jcsm2245-1439.414
Nicho, M., & Khan, S. (2014). Identifying Vulnerabilities of Advanced Persistent Threats: International Journal of Information Security and Privacy, 8(1), 1-18. doi:10.4018/ijisp.2014010101
Zaman, M., Ahmad, J., Azhar, M., Nawaz, A., Abbas, S., & Idrees, U. (2014). Implementation of Some Enhancements in Wireless Network Security by Finding Vulnerabilities, Threats and Attacks. Journal of Global Innovations in Agricultural and Social Sciences, 2(3), 143-151. doi:10.17957/jgiass/2.3.597…...

Similar Documents

Premium Essay

Essay

...1 Overview of How to Write an Essay Writing essays is a major element of your education at the university level. Effective writing gives you the ability to express your ideas, theories, arguments, and projects clearly. The skills you acquire at the university level through writing essays will be aimed at practical business applications that you will be able to use in the workplace. The following information provides a succinct overview of the elements you need to know to begin writing an essay. It will help you on your writing journey. Types of Essays Narrative A narrative essay is a story told by a narrator. Generally, a narrative discusses the personal experience of the author (the first person point of view), but it can also be written about things that happen to others (third person point of view). A narrative typically involves characters, a setting, specific and vivid details, and a series of events that can include current incidents, flashbacks, or dialogue. Cause and Effect A cause and effect essay explores why events, actions, or conditions occur (cause) and examines the results of those events, actions, or conditions (effect). For example, a cause could be purchasing a new expensive home. The effect might be fewer family vacations, more time spent on upkeep, or less time with family because of extra work hours to pay for the home. Comparison and Contrast A comparison and contrast essay shows the relationship between two or more elements. The items can be compared...

Words: 6215 - Pages: 25

Premium Essay

Essays

...HOW TO READ ESSAYS YOU MUST ANALYZE 1. Take a pencil in your hand. 2. Read the essay over once, quickly, looking for the main idea, for what the essay is about in general, and for what the author seems to be saying. Don't get bogged down in details. (If you come to an unfamiliar word, circle it but go on reading). 3. Check the meaning of unfamiliar words. If they seem to be key words, i.e., if the author uses them more than once, scribble a brief definition at the bottom of the page or at the end of the essay. 4. Now re-read more slowly and carefully, this time making a conscious attempt to begin to isolate the single most important generalization the author makes: his thesis. Follow his line of thought; try to get some sense of structure. The thesis determines the structure, so the structure, once you begin to sense it, can lead you to the thesis. What is the main point the author is making: Where is it? Remember, examples or "for instances" are not main points. The thesis is the generalization the author is attempting to prove valid. Your job, then is to ask yourself, "What is the author trying to prove"? Another way of identifying the thesis is to ask yourself, "What is the unifying principle of this essay"? or "What idea does everything in this essay talk about"? or "Under what single main statement could all the subdivisions fit"? If the author has stated his thesis fully and clearly and all in one place, your job is easier. The thesis is apt to be......

Words: 971 - Pages: 4

Free Essay

Essay

...POL1EEH International Relations and the Global Economy Take Home Examination 2 November 2012 INSTRUCTIONS: The examination is worth 35% of the final mark for this unit. Students are to answer ONE question from SECTION A and ONE question from SECTION B, each in essay format, independently. Each essay should be approximately 750 words and should be referenced appropriately. Each essay will constitute 50% of the mark for this piece of assessment. Completed exams should be submitted to the Essay Box in the Politics and International Relations Program Office no later than 5pm on Monday 5 November and also lodged electronically via the Turnitin link on LMS. As this is an examination there will be no extensions. Any exams submitted after the due date will receive 0% for this piece of work. If circumstances befall a student during the examination that prevent timely completion, students should contact Dr Jon Symons (J.Symons@latrobe.edu.au) with written evidence of the problem and an alternative time to complete the examination will be arranged. QUESTIONS: SECTION A 1. To what extent have the main features of the global economic order established after World War II been transformed by globalization? 2. ‘The failure of so many multilateral institutions reflects not just the problems of those institutions but the shortcomings of multilateralism more generally.’ Critically evaluate this claim in relation to ONE multilateral institution. 3. To what extent do liberal ideas retain their......

Words: 356 - Pages: 2

Premium Essay

Essay

...There are some teachers who are going to require you to write a 250 word essay. Actually, it is a very short essay for that matter but for some students, it may also be a burden to have a word limit in writing. Let us take a look at the scenarios that you need to understand to compose a well developed essay. For some students, it may be limiting to have a word factor quota in writing an article. There are some individuals who can tell more out of a topic and that having 250 words will not suffice to tell everything in their minds. That is why you need to have the skills in budgeting the words that you have to write without sacrificing the ideas that you have to deliver. There are different essay types that you also need to consider so having a word limit cannot simply be an easy task. Still for some students, a 250 word essay may mean too much because there are also some people who do not want to waste their time writing. No matter what the essay structure may be, these types of people are not really eager to translate their thoughts to written form so they think 250 words simply equates to too much work. Anyway, you need to understand that having this kind of limit will eventually benefit the students as they improve their discipline, being responsible and being resourceful individuals. We can offer you to buy essays from us so you do not have to worry about the number of words in writing. Let our writers make your life easier today...

Words: 273 - Pages: 2

Premium Essay

Essay

...An essay is usually a short piece of writing. It is often written from an author's personal point of view. Essays can be literary criticism, political manifestos, learned arguments, observations of daily life, recollections, and reflections of the author. The definition of an essay is vague, overlapping with those of an article and a short story. Almost all modern essays are written in prose, but works in verse have been dubbed essays (e.g. Alexander Pope's An Essay on Criticism and An Essay on Man). While brevity usually defines an essay, voluminous works like John Locke's An Essay Concerning Human Understanding and Thomas Malthus's An Essay on the Principle of Population provide counterexamples. It is very difficult to define the genre into which essays fall. Aldous Huxley, a leading essayist, gives guidance on the subject: Like the novel, the essay is a literary Abstract This article will examine the reasons why it is important both linguistically and psychologically to build a vocabulary quickly when learning a foreign language. The article asserts that very little can be achieved or learned in a foreign language with a small vocabulary and that by building a sizable vocabulary quite quickly one can soon be able to function adequately. You may also wish to look at http://www.jalt-publications.org/tlt/files/95/feb/meara.html   Introduction   It is obvious that in order to learn a foreign language one needs to learn many many words. But how many?......

Words: 332 - Pages: 2

Premium Essay

Essay

...to write A Level Sociology Essay Assessment With reference to the present AEB syllabus, there are three main skills being assessed in your essays. 1. Knowledge and Understanding (9 marks) 2. Interpretation and Application (9 marks) 3. Evaluation (9 marks) What Does This Mean? What this means is that for writing an essay is that the content (studies, names of researcher, dates, figures, concepts, although important need to be organised coherently, applied to a variety of social situations and interpreted, and expressed in a critical fashion. You must be aware of the skills being highlighted in the question in order to use the appropriate skills in your essays. You should also practice writing essays regularly and develop a technique which addresses the skills required so that you can actually answer the question set. I hope that this handout should allow you to achieve this. Stage One Many students are too quick into diving into an answer. They have focused on certain key terms and ‘assumed’ what the essay requires from a quick look at the question. Instead, the question should be read a number of times. Task One With the title provided. Analyze the question by underlining the key features in the essay title Double underline the skills being assessed, e.g., describe and explain Identify any terms or concepts contained in the question. These terms will need to be defined, i.e. concepts such as interactionists. Essay questions will also......

Words: 1452 - Pages: 6

Free Essay

Essay

...I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay I’m sorry this is not a real essay...

Words: 256 - Pages: 2

Free Essay

Essay

...Studieportalen.dk? Klik her for at oprette en bruger. Kommentarer til Save as many as you ruin - Essay * Kommentar #1 12. oktober 2012 Af IsabellaFF Wow, hvordan er du blevet så god til engelsk? :) Hvis jeg må spørge - du må have et eller andet trick. :D ------------------------------------------------- Øverst på formularen Nederst på formularen * Kommentar #2 24. november 2011 Af benjaminpetersen Fantastisk essay. Fortjent 12-tal. Grunden til at forrige kommentar, tror at du kobler det med Helligtrekongersdag, kunne være fordi at ordet "epiphany" både kan oversættes til førnævnte, men også betyde en slags åbenbaring. (Sudden realization) Men igen, super essay :) ------------------------------------------------- Øverst på formularen Nederst på formularen vis/skjul svar * 01. januar 1 Af Longarm Tak Benjamin, - og skarpt observeret! Nu giver det mere mening. :) God weekend! * Kommentar #3 28. august 2011 Af Fiierne Virkelig flot essay. Noget jeg ikke helt fanger er hvordan du kobler det sammen med Helligtrekongersdag? ------------------------------------------------- Øverst på formularen Nederst på formularen vis/skjul svar * 01. januar 1 Af Longarm Hvorfor skulle jeg det? :) Det må være en ekstra opgave i er blevet stillet :) * Kommentar #4 17. juni 2011 Af backus Et virkeligt velskrevet og rammende essay. ------------------------------------------------- Øverst på formularen Nederst......

Words: 758 - Pages: 4

Free Essay

Essay

...------------------------------------------------- Red River College ECE Program ECED-2009 Research Essay Assignment Value: 30% Select a topic related to Early Childhood Education for this assignment. The list on the following page may be helpful for some ideas, although you are not restricted to these topics. Approve your topic with your instructor by: _______ . Duplication of topics will not be allowed, and topic choice is on a first-come, first-served basis. Search for resources related to this topic. Check the Learning Centre, as well as the Library. Conduct an Internet search. For your paper, you need a minimum of 4 current (less than 8 years old) references. Include a minimum of one of each of the following: - book - scholarly journal article (from EBSCOHOST or other scholarly database) - reliable internet source. Use the APA style of documentation (see text) to write a 3 - 4 page paper. Include an introduction, thesis statement, body (that includes background information and at least 3 points of discussion), a conclusion, and a reference page. The reference page is not included in the length. You will also complete a 5 minute presentation to the class based on your research. Refer to Considerations for Effective Presentations. Use peer editing as part of your writing process. That is, when you have a draft completed, ask at least one peer to provide feedback using the peer editing rubric. Be mindful of the peer’s......

Words: 895 - Pages: 4

Premium Essay

Essay

...paragraph. The idea is to allow the author to develop an argument and support it with ideas. • Stated first and last The topic sentence appears both at the beginning and at the end. It is a technique that is used by authors in cases where the content of the paragraph is complex. The topic sentence that appears at the end aims to remind the readers about the content in the paragraph so that they do not loose focus. • Stated implied This is a situation where an author states an obvious topic sentence to avoid being direct. In this case, the topic sentence is not conspicuous. The readers have to read in between the lines to identify the hidden topic sentence. 13. Paragraphs are the building blocks of coherent, authoritative and well-developed essays. An adequately developed paragraph should contain the following four details; Topic sentence This is a sentence that traditionally appears as the first sentence. However, the topic sentence could also appear at the end, in the middle, at the beginning and at the end or implied. It informs the reader the subject matter of the paragraph. The reader is in a position to internalize what to expect in the paragraph. In addition, the topic sentence substantiates the thesis statement. Conclusion This is a summarizing sentence that comes at the end of the paragraph. The sentence wraps up the argument developed in the paragraph and gives a summary. The conclusion helps the reader to connect the argument that is being developed and......

Words: 1078 - Pages: 5

Free Essay

Essay

...Lindsay Apedaile Ms. Brown English 1020 2 November 2015 4.1 Ravisankar begins his essay by describing consumers and their want for low prices then describes sweatshops and their conditions. The problem he identifies is consumers demand lower prices to do this, corporations cut the cost on their employees either decreasing their wages or worsening their working conditions. Ravisankar assumes his readers are poor college students looking for lower prices and have a basic understanding of what a sweatshop is but does not fully know the appalling conditions of sweatshops. His purpose in this essay is to raise awareness of the degrading environment of sweatshops. In order to accomplish this purpose, he appeals mainly to pathos an appeal to emotions by mentioning how bad sweatshop working conditions are and its consumer’s. He also appeals to logos when he writes that people should have equal rights as others like pay. In this essay, Ravisankar addresses the main argument against his thesis the idea that the big companies like Nike, Reebox, and Gap are to blame for decreasing conditions in sweatshops. He refutes this argument by saying these companies are taking apart of “the race to the bottom” the pressure for low costs. Finally, he concludes by making the point that universities purchase around $3 billion in clothing with the universities name on it. This puts pressure on the companies to provide living wages and reasonable working. Overall, the argument Ravisankar makes...

Words: 291 - Pages: 2

Free Essay

Essay

...How to Write a Religious Studies Essay The first thing to understand when approaching an essay in religious studies is the unique nature of the discipline. Apart from its distinctive subject matter, the interdisciplinary nature of the field makes the study of religion both fascinating and highly challenging. The academic study of religion requires more than knowledge of individual texts, beliefs and practices, and may draw upon fields as diverse as history, sociology, anthropology, hermeneutics, and linguistics. For this reason, your instructors will expect you to familiarise yourself with and be able to employ a variety of different theories and methods. The interdisciplinary nature of the subject is also reflected in the various kinds of essays you will be asked to write, which may include a mixture of comparative, textual, ethnographic, hermeneutical, sociological and historical approaches. The academic study of religion takes place in a secular rather than a faith-based context. Since it aims to understand religion from a perspective that can be shared by all, and limits itself to evidence that is available to all, you will not be required to try to prove or refute particular religious beliefs. As an interdisciplinary academic subject, religious studies employs historical, textual, cultural, sociological and anthropological methods to contextualise, interpret and understand religious beliefs, practices, traditions and communities. As such, it is important......

Words: 250 - Pages: 1

Premium Essay

Essay

...steps in the scientific method? Type your response here: 4. Why did most Medieval philosophers and scientists feel that experimentation was unnecessary? Type your response here: 5. Why did the Enlightenment writer Voltaire get into so much trouble in France and elsewhere? Type your response here: Part 2 Write a well-developed essay of two to three paragraphs on one of the topics below. Make sure you use specific information from this lesson and, if need be, from previous lessons. Proofread your essay to eliminate errors in grammar and spelling. (Each question is worth 15 points) 1. Choice #1: Compare and contrast the careers of Galileo Galilei and Isaac Newton. What discoveries did each make? How were their methods similar or different? How were both received by the religious and political authorities of the day? A complete answer will include an assessment of the political and cultural climate in which each thinker lived.  Choice#2: Write an essay explaining how the Scientific Revolution influenced Enlightenment thinkers in other disciplines. Your essay should mention at least two of the following thinkers and topics: divine right of kings, empiricism, Vesalius, Descartes, Hobbes, or Voltaire. Type your response here: ----------------------- Submission ----------------------- © 2013 EDMENTUM, INC....

Words: 295 - Pages: 2

Premium Essay

Essay

...How to determine custom essay editing company that is legitimate This is the company you will find great editors to provide you with custom essay editing service. Students whose first language is not English may find speaking and writing in English as a difficult task for them. Most of these students are international students who have enrolled in various universities in America and in the UK. The main teaching language is English, American and Standard English respectively. It is essential for students to master well the language of instruction because it is a medium through which they are required to write their assignments and speak in classroom. Competence and fluency in English language will help students to read and understand the teaching material provided to them. It is important therefore for students to ask for support from custom essay editing services which deal with the tips of writing good essays among other academic papers and also to write for them assignment essays. Our writing and editing services is created both for students and professionals. We deal with both the non academic and academic editing and writing services to fulfill your needs. At our custom essay editing, you will find editors who are qualified in linguistics and English language. We are ready to provide you the custom essay editing service at any time of the day or night because we operate as a 24/7 service. Our custom essay editing service comprises of creative thinkers, skillful......

Words: 574 - Pages: 3

Free Essay

Essay

...Der Essay Was ist ein Essay? Nach der Duden-Definition ist ein Essay eine Abhandlung, die eine literarische oder wissenschaftliche Frage in knapper und anspruchsvoller Form behandelt. Einen Essay schreiben heißt also wissenschaftliches Schreiben, eine kritische Auseinandersetzung mit einem Thema. Ausgangspunkt für einen kritischen Essay ist in der Regel ein Problem, eine strittige Frage oder eine These, die in dem Essay dann bewusst subjektiv diskutiert werden soll. Dabei benötigt der Einstieg in den Essay/in das Thema einen Aufhänger. Das kann ein aktuelles Ereignis sein, oder auch eine persönliche Begebenheit. Es muss klar werden, warum Sie sich zu diesem Zeitpunkt mit dem gewählten Thema auseinandersetzen und weshalb Sie dem Thema eine gewisse Relevanz zusprechen. Anforderungen an einen Essay Das Schreiben von Essays soll die kritische Beurteilung und das Abwägen wissenschaftlicher Positionen fördern; dabei wird kein Anspruch auf vollständige Darstellung in allen Details erhoben, wichtiger ist die Betrachtung des Gegenstandes in einem größeren Gesamtzusammenhang. Mehr noch als bei Hausarbeiten muss man daher zwischen Wichtigem und Unwichtigem unterscheiden. Als AutorIn hat man damit die Möglichkeit, wissenschaftliche Erkenntnisse zusammen mit eigenen persönlichen Beobachtungen und Eindrücken zu schildern. Im Mittelpunkt steht jedoch die wissenschaftliche Argumentation, die zum Ausgangspunkt für Ergänzungen und Überlegungen genommen wird.......

Words: 837 - Pages: 4