mis 205 chapter 8

Upload: rakib234

Post on 01-Jun-2018

221 views

Category:

Documents


0 download

TRANSCRIPT

  • 8/9/2019 MIS 205 Chapter 8

    1/34

    Management Information SystemsManagement Information SystemsMANAGING THE DIGITAL FIRM, 12THEDITION

    SECRING INFORMATIONS!STEMS

    C"a#ter $

  • 8/9/2019 MIS 205 Chapter 8

    2/34

    Management Information SystemsManagement Information Systems

    Fa%e&oo' ( )or*+s *argest so%ia* net)or'

    -ro&*em ( I+entity t"eft an+ ma*i%io.s soft)are

    E/am#*es0

    2009 18-month hacker scam for passwords, resultedin Trojan horse download that stole financial data

    Dec 2008 Koobface worm

    a! 2010 "pam campai#ned aimed at stealin# lo#ins

    I**.strates0 T!pes of securit! attacks facin#

    consumers Demonstrates0 &i.ity of "a%'ing, ma*i%io.ssoft)are

    !o.re on Fa%e&oo' 3at%" O.t4

    CHA-TER $0 SECRING INFORMATION S!STEMS

    Prentice Hall 20112

  • 8/9/2019 MIS 205 Chapter 8

    3/34

    Management Information SystemsManagement Information Systems

    Internet 5.*nera&i*ities

    Net)or' o#en to anyone

    Si6e of Internet means a&.ses %an "a5e

    )i+e im#a%t se of fi/e+ Internet a++resses )it"%a&*e or DSL mo+ems %reates fi/e+targets "a%'ers

    nen%ry#te+ 7OI-

    E8mai*, -2-, IM $nterception %ttachments with malicious software Transmittin# trade secrets

    System 7.*nera&i*ity an+ A&.se

    CHA-TER $0 SECRING INFORMATION S!STEMS

    Prentice Hall 20113

  • 8/9/2019 MIS 205 Chapter 8

    4/34

    Management Information SystemsManagement Information Systems

    3ire*ess se%.rity %"a**enges Ra+io fre.en%y &an+s easy to s%an

    SSIDs 9ser5i%e set i+entifiers:

    $dentif! access points &roadcast multiple times 3ar +ri5ing

    'a(esdroppers dri(e b! buildin#s and tr! to detect""$D and #ain access to network and resources

    3E- 93ire+ E.i5a*ent -ri5a%y: "ecurit! standard for 802)11* use is optional +ses shared password for both users and accesspoint

    +sers often fail to implement ' or stron#ers!stems

    System 7.*nera&i*ity an+ A&.se

    CHA-TER $0 SECRING INFORMATION S!STEMS

    Prentice Hall 20114

  • 8/9/2019 MIS 205 Chapter 8

    5/34

    Management Information SystemsManagement Information Systems

    Ma*)are 9ma*i%io.s soft)are:

    7ir.ses .o#ue software pro#ram that attaches itself

    to other software pro#rams or data files inorder to be e/ecuted

    3orms $ndependent computer pro#rams that cop!themsel(es from one computer to other

    computers o(er a network) Tro;an "orses

    "oftware pro#ram that appears to be beni#nbut then does somethin# other than e/pected)

    System 7.*nera&i*ity an+ A&.se

    CHA-TER $0 SECRING INFORMATION S!STEMS

    Prentice Hall 20115

  • 8/9/2019 MIS 205 Chapter 8

    6/34

    Management Information SystemsManagement Information Systems

    Prentice Hall 20116

  • 8/9/2019 MIS 205 Chapter 8

    7/34

    Management Information SystemsManagement Information Systems

    Ma*)are 9%ont

  • 8/9/2019 MIS 205 Chapter 8

    8/34

  • 8/9/2019 MIS 205 Chapter 8

    9/34

    Management Information SystemsManagement Information Systems

    S#oofing Re+ire%ting 3e& *in' to a++ress+ifferent from inten+e+ one, )it"

    site mas.era+ing as inten+e++estination

    Sniffer Ea5es+ro##ing #rogram t"at monitors

    information tra5e*ing o5er net)or' Ena&*es "a%'ers to stea* #ro#rietaryinformation s.%" as e8mai*, %om#anyfi*es, et%LIC =E! ENCR!-TION

    CHA-TER $0 SECRING INFORMATION S!STEMS

    Prentice Hall 201133

  • 8/9/2019 MIS 205 Chapter 8

    34/34

    ublic Ke! 'ncr!ption

    T)o =eys ublic ke!? an 'ncr!pt onl!) %(ailableonline or pro(ided to the sender)

    ri(ate@"ecret ke!? an Decr!pt onl!)

    '/clusi(el! a(ailable to recei(er

    -ro%ess

    1) "ender encr!pts data usin# ublic

    ke! and sends to recei(er 2) .ecei(er decr!pts data usin#ri(ate@"ecret ke!

    Prentice Hall 2011 34