mis 205 chapter 8
TRANSCRIPT
-
8/9/2019 MIS 205 Chapter 8
1/34
Management Information SystemsManagement Information SystemsMANAGING THE DIGITAL FIRM, 12THEDITION
SECRING INFORMATIONS!STEMS
C"a#ter $
-
8/9/2019 MIS 205 Chapter 8
2/34
Management Information SystemsManagement Information Systems
Fa%e&oo' ( )or*+s *argest so%ia* net)or'
-ro&*em ( I+entity t"eft an+ ma*i%io.s soft)are
E/am#*es0
2009 18-month hacker scam for passwords, resultedin Trojan horse download that stole financial data
Dec 2008 Koobface worm
a! 2010 "pam campai#ned aimed at stealin# lo#ins
I**.strates0 T!pes of securit! attacks facin#
consumers Demonstrates0 &i.ity of "a%'ing, ma*i%io.ssoft)are
!o.re on Fa%e&oo' 3at%" O.t4
CHA-TER $0 SECRING INFORMATION S!STEMS
Prentice Hall 20112
-
8/9/2019 MIS 205 Chapter 8
3/34
Management Information SystemsManagement Information Systems
Internet 5.*nera&i*ities
Net)or' o#en to anyone
Si6e of Internet means a&.ses %an "a5e
)i+e im#a%t se of fi/e+ Internet a++resses )it"%a&*e or DSL mo+ems %reates fi/e+targets "a%'ers
nen%ry#te+ 7OI-
E8mai*, -2-, IM $nterception %ttachments with malicious software Transmittin# trade secrets
System 7.*nera&i*ity an+ A&.se
CHA-TER $0 SECRING INFORMATION S!STEMS
Prentice Hall 20113
-
8/9/2019 MIS 205 Chapter 8
4/34
Management Information SystemsManagement Information Systems
3ire*ess se%.rity %"a**enges Ra+io fre.en%y &an+s easy to s%an
SSIDs 9ser5i%e set i+entifiers:
$dentif! access points &roadcast multiple times 3ar +ri5ing
'a(esdroppers dri(e b! buildin#s and tr! to detect""$D and #ain access to network and resources
3E- 93ire+ E.i5a*ent -ri5a%y: "ecurit! standard for 802)11* use is optional +ses shared password for both users and accesspoint
+sers often fail to implement ' or stron#ers!stems
System 7.*nera&i*ity an+ A&.se
CHA-TER $0 SECRING INFORMATION S!STEMS
Prentice Hall 20114
-
8/9/2019 MIS 205 Chapter 8
5/34
Management Information SystemsManagement Information Systems
Ma*)are 9ma*i%io.s soft)are:
7ir.ses .o#ue software pro#ram that attaches itself
to other software pro#rams or data files inorder to be e/ecuted
3orms $ndependent computer pro#rams that cop!themsel(es from one computer to other
computers o(er a network) Tro;an "orses
"oftware pro#ram that appears to be beni#nbut then does somethin# other than e/pected)
System 7.*nera&i*ity an+ A&.se
CHA-TER $0 SECRING INFORMATION S!STEMS
Prentice Hall 20115
-
8/9/2019 MIS 205 Chapter 8
6/34
Management Information SystemsManagement Information Systems
Prentice Hall 20116
-
8/9/2019 MIS 205 Chapter 8
7/34
Management Information SystemsManagement Information Systems
Ma*)are 9%ont
-
8/9/2019 MIS 205 Chapter 8
8/34
-
8/9/2019 MIS 205 Chapter 8
9/34
Management Information SystemsManagement Information Systems
S#oofing Re+ire%ting 3e& *in' to a++ress+ifferent from inten+e+ one, )it"
site mas.era+ing as inten+e++estination
Sniffer Ea5es+ro##ing #rogram t"at monitors
information tra5e*ing o5er net)or' Ena&*es "a%'ers to stea* #ro#rietaryinformation s.%" as e8mai*, %om#anyfi*es, et%LIC =E! ENCR!-TION
CHA-TER $0 SECRING INFORMATION S!STEMS
Prentice Hall 201133
-
8/9/2019 MIS 205 Chapter 8
34/34
ublic Ke! 'ncr!ption
T)o =eys ublic ke!? an 'ncr!pt onl!) %(ailableonline or pro(ided to the sender)
ri(ate@"ecret ke!? an Decr!pt onl!)
'/clusi(el! a(ailable to recei(er
-ro%ess
1) "ender encr!pts data usin# ublic
ke! and sends to recei(er 2) .ecei(er decr!pts data usin#ri(ate@"ecret ke!
Prentice Hall 2011 34