StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Security on Computer Systems and Information Systems - Coursework Example

Cite this document
Summary
The paper "Security on Computer Systems and Information Systems " states that HTTP suffers from leakage of information. Login credentials should, therefore, be transferred using different interfaces. One can tell sensitive what information is confidential by just seeing it. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.8% of users find it useful
Security on Computer Systems and Information Systems
Read Text Preview

Extract of sample "Security on Computer Systems and Information Systems"

Computer security Insert Insert Executive Summary Security on computer systems and information systems is a critical matter toany organization. Organizations face numerous malicious attacks and threats every other time. What is essential to such an organization is to have is to have a plan on how to identify the risks and to be able to address them. The nature of the attack determines the way the strategies being put in place. They include the policies set at the administrative level. The tools authenticate by the organization also vary. Whereas some suite the purpose of one organization they may not address the wants of another adequately. It is also vital to bridge protocol in the organisation in case of an extreme emergency that would otherwise cost the groups dearly. The organization should have a means to prevent such attacks when they occur, for example, having a backup plan. Rooms with sensitive information like the server rooms should have steel doors and enabled biometric system to authenticate users to the room. They should also be locked with huge padlocks to avoid physical attacks by insiders. It is also necessary to have alert systems when there is any bridge being noticed in the organization. Implement as software that informs the administration in case power, for example, goes below the required amount. Failing systems are set with warning systems such as an imminent failure in the hard drives of the organization. It is also necessary to have corrective means to bring back a damaged or altered system back into its original course of action. For instance, the organization should have data recovery mechanisms in case of vital data disappearing. Data Security The history of any organization depends on facts gathered over time. Every process of the society is documented and stored as data. Such information is vital to knowing the organization’s current state, compare it to its past and to make correct future predictions. Data faces physical security threat where somebody walks into an office and transfers the information they want. Others break rooms to get these resources while others just need to be on the internet to access them. To maintain such data, we need physically to protect their locations. It includes the use of steel doors, heavy hinges and padlocks.It is also necessary to employ new means of identifying persons who have permission into these offices. We need to use biometrics to identify bonafide members (Bosworth & Kabay, 2002). Also, employ the use of encrypted passwords to unlock such doors. For instance using MD5, which is a very useful cryptographic function. They make it hard to crack passwords thus buying the organization to get alternative means. When sending highly sensitive information to persons outside the intranet of the respective institution, users can encrypt the information and send the decryption key. That can be done using alternative means that are more secure. The organization can further seek an insurance on its data from insurance companies so that the impact of the group. It is way better than carrying the entire burden on you as an institution. It involves holding somebody indemnity for damages caused to your body. Risk acceptance is a rather tricky to any institution that seeks to make profits. It entails bearing with the situation the way it has happened and move on to other stuff. To protect our data, we also need to use antivirus to avoid our data being eaten away by malicious programs. Some of these malware create a shortcut to the original document, write protect it or even make it inaccessible to the owner. Spyware software and anti-malware programs are inevitable. Maintenance of logs and malware Any organization that values itself should engage in keeping and maintenance of records about their staff and what they did. They should also track when they carried out an activity and for what reasons. Maintenance logs are vital in tracing where a previous problem occurred. They also help to locate hard to find activities through their symptoms. Commonly, they are used in troubleshooting frequent problems in a particular system. To address this, new service pack versions of the os is put to use (Etalle & Zannone, 2014). Most of them have new security patches and have minimal vulnerabilities. It goes forth to prevent people with malicious intentions to bring down the system. Some use malware that the system is not able to defend itself. Use of virtual private networks in the organization is useful in isolating the source of the problem. It also enables the technical personnel to protect other sectors of the system before the bridge gets there. Further, after isolating the cause of the menace on the network, it is easier to troubleshoot it other than wandering around in areas one is unsure. As a result, it saves time and also offers an added advantage of better security in such a network framework. Packets in an organisation need filtering. Most is to ascertain some activities before proceeding just to be sure. There are different ways of filtering packets depending on the advancement of such a network. To better the management of the system, it’s also necessary to monitor such systems through network intrusion detection mechanisms. They make it possible to advance a balance between the concerned application and the security of the organization. Encryption is also inevitable in avoiding strange persons logging into the system and doing things they are not allowed to. Such persons masquerade so that when things go wrong they are not held liable. Sometimes they even alter login details or personal details of other users leading to a denial of service. The Internet There are many protocols that operate through the internet leaving unclosed doors for third parties to access vital information from an institution. They include file transfer protocol, hypertext transfer protocol, voice over internet protocol and simple mail transfer protocol. Any public server faces DoS attacks because of the incoming connections. However, it is possible to decongest the system by minimizing their rate. It is virtually impossible to protect such a system fully against distributed denial of service. We can increase the security by creating a means of authentication to the SMTP server. It enables the user to stop spammers by completely blocking the concerned account of that user. FTP suffers from the bounce back effect. It is a situation where the person is attacking can request for ports indirectly (Talbot & Jakeman, 2009).The users machines play as the intermediary for making the request. They use what is called port commands to have such accessibilities. Currently, there is an improvement on the FTP that cannot allow authorities that would connect to other hosts except the source host. They thwart bounce backs from FTP. We can use banner grabbing to detect just what we need to know about the FTP and which operating system is being aimed. Passwords can be set to block the system after three failed attempts especially when using dictionary attacks or brute force. It goes together with having very powerful password policy. HTTP suffers from leakage of information. Login credentials should, therefore, be transferred using different interfaces. One can tell sensitive what information is confidential by just seeing. Consequently, headers like the server, the source, the intermediate and destination should be included. Thus, implementers should enable configuration of such header information to avoid further identification of the software of the server that could lead to more loopholes on the security of that system. More important is to encode the information on the page URIs (Wong, 2014). They should avoid mentioning of referrer head field when dealing with unsecured connections. Finally, it is important to prevent translation of HTTP requests for files and pathnames. References Bosworth, S., & Kabay, M. (2002). Computer security handbook. New York: John Wiley & Sons. Etalle, S., & Zannone, N. (2014). Understanding Computer Security. Frontiers In ICT, 1. doi:10.3389/fict.2014.00003 Talbot, J., & Jakeman, M. (2009). Security risk management body of knowledge. Hoboken, NJ: Wiley. Wong, M. (2014). Challenges of Security Assurance Standardization in ICT. Journal Of ICT Standardization, 2(2), 187-200. doi:10.13052/jicts2245-800x.226 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“CIS333 Week 8 Assignment 2 Coursework Example | Topics and Well Written Essays - 1250 words”, n.d.)
CIS333 Week 8 Assignment 2 Coursework Example | Topics and Well Written Essays - 1250 words. Retrieved from https://studentshare.org/information-technology/1678766-cis333-week-8-assignment-2
(CIS333 Week 8 Assignment 2 Coursework Example | Topics and Well Written Essays - 1250 Words)
CIS333 Week 8 Assignment 2 Coursework Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1678766-cis333-week-8-assignment-2.
“CIS333 Week 8 Assignment 2 Coursework Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1678766-cis333-week-8-assignment-2.
  • Cited: 0 times

CHECK THESE SAMPLES OF Security on Computer Systems and Information Systems

Security in Computer Networks

Most computer users are unaware of the dangers of potential abuse related to these applications and can cause extensive damage or increase the chances of fraud or identity theft or damage to the computer systems and files.... Millions of computer users across the globe today are exposed to the Internet that has raised safety concerns concerning personal data and information.... Computer security is the 'protection afforded to an automated information system to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)' (NIST, 2008)....
5 Pages (1250 words) Research Paper

Computer Network Security System

The computer systems are linked both internally and externally.... As technology advanced in computing, computer systems became targets as well.... A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center.... The data stored online and offline opens up a threat by falling trap to potential hackers who intrude into our systems or network ...
5 Pages (1250 words) Essay

Information and Systems Security

The paper 'Information and systems Security' seeks to evaluate Network Security as one of the most highly debated topics in the present-day world.... They are designed to affect nearly all parts of an IT system such as Operating systems, Applications, Networks, and Databases.... With this ease of information access comes the issue of security.... With the increase of information flow, there has been an increase in the number of attacks on information by hackers....
6 Pages (1500 words) Assignment

Physical Security Related to Computer Systems

An introduction has been given as to what does physical security means in general and in particular in terms of computer information systems.... In terms of computers and the internet, physical security is defined as a blockade placed about a computing system using secured operating systems and other protective measures to prevent unauthorized access to the information stored on it.... This kind of physical security can also be referred to as computer security or cybersecurity or logical security in which information is protected by operating systems and special software from unauthorized access....
8 Pages (2000 words) Term Paper

Computer System Safety Standard

ystem safety generally Today, people, organizations, and companies are all technologically advancing, and information technology is a backbone of these advancements.... These computers are all controlled by systems incorporated in them.... These systems have general security measures.... Worms are primarily aimed at high or large systems to collect data and feed it to unauthorised users.... It involves risk management and avoidance from injury or any kind of damages to a working system, that is, a computer system....
5 Pages (1250 words) Research Paper

Information Systems Security

The paper "information systems Security" concerns such security systems as PIN numbers, key card accesses, and passwords that could be easily stolen and hacked.... Many public and private sector information systems have failed to meet the desired security standards and protocols defined by IT compliance rules and regulations.... The information systems are exposed to widespread risks, threats, and vulnerabilities that can adversely impact the IT work processes....
8 Pages (2000 words) Essay

Identifying Threats and Vulnerabilities to Computer

Computer security gives rise to the notion of protecting systems from a technological point of view, as well as making systems more secure on the basis of the human factors (Trček 2006).... Furthermore, there is a need to explicitly differentiate the roles of the employees and to stress upon the importance of maintaining the secrecy of protected information and carrying out their duty responsibly.... The backup copies were not functional and the ease of access meant that the information is at a greater risk....
6 Pages (1500 words) Report

The Information Security Management System - Conceptual Mapping

In managing the knowledge management system for information systems, these computer crimes should be addressed fully.... These practices involve designing knowledge management systems that will ensure that corporate data is handled with care and managed properly in order to prevent the breach of information security.... Information security management systems are aimed at ensuring that information on the company is protected (Jennex, 2011).... ScannersThese are individuals who are able to use scanning systems in the vulnerable computer operating system in order to access information on a company....
6 Pages (1500 words) Coursework
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us