1) Discuss the importance of Information Protection. What are the consequences f
ID: 3810167 • Letter: 1
Question
1) Discuss the importance of Information Protection. What are the consequences for not protecting the organizational or personal data and information? In your opinion, has the importance or emphasis on information security increased or remained the same in the organization you work for? Why do you think this has happened?
2) What is risk analysis and threat definition? Explain what is being protected. What are the threats? Where are the weaknesses that may be exploited? Briefly explain what the three main types of attacks are.
3)
Practicum assignment
The purpose of the Practicum is to put into practice the knowledge, skills and tools you have learned in class and in the business school to address legitimate business problems faced by many organizations and companies. It is to encourage each one of you to apply some of the principles and theories of management to a real situation.
Description of the project
Keys to Success in an Organization
Describe the organization or company you work for today. Identify at least three employees in the organization who are holding managerial positions. Conduct interviews with them about the most important principles and practices for successful management. You should conduct a literature review and develop interview questions.
Deliverable Part 1. Describe the organization/company and identify at least three managers who you will interview. Conduct literature review and develop interview questions.
Deliverable Part 2. Interviews with managers.
Review results of research and findings and write a final report.
Structure of the final report
The following sections should be included in the final report:
Abstract (1/2 page/ 300 words): This section should include a short summary of the issues addressed by the project, the approach used, the lessons learned, and recommendations.
Organization Profile and Analysis (1-2 pages): This section should provide background information with respect to the organization(s) used in the execution of the project data collection. Company names are not required to be disclosed, but this section should include a description of the organization(s), the student’s position within the organization, a short explanation of the organizational structure, and a description of the programs/products/ services offered by the organization.
Project Related Sections (7 pages): This section and its components are dictated by the project requirements, but should include a final section for recommendations and/or conclusions.
The project is designed as an individual project. The report should be written in APA formats and citation requirements. The final report should be 10 pages in length. The report should be double spaced, 12 point type, using Times New Roman font. References are single spaced and should be provided at the end of the report.
Explanation / Answer
1)
Importance of information protection:
It is important to be worried about information protection because much of the value of an organization (or business) is concentrated in the value of its information. Information is the basis of competitive advantage. Without information, neither organization nor the not-for-profit sector could function. Valuing and protecting information are critical tasks for the modern organisation.
In today's high technology environment, organisations are becoming more and more dependent on their information or data. The public is increasingly concerned about the proper use of information, particularly personal data. The threats to information systems from criminals and terrorists are increasing.
Hence it is really important to protect the information.
Consequences of not protecting information or personal data:
As stated above, criminals and terrorists can use the information for destructive work if information is not protected properly. Personal data can be used to impersonate someone; this can lead to bank fraud, forgery cases, etc. For the banking sector, if information such as card details and passwords is not protected, then financial fraud can happen. The attacker can maliciously update the information of the organization, leading to a chaotic situation within the organization. These are the major/main consequences if information is not protected.
The information security in the organization has been increased periodically. The reason for this change is that whenever some vulnerability is reported, it is patched urgently and the system is checked for any other vulnerability. This approach increased the security of my organization.
2)
Risk analysis is the process of defining and analyzing the dangers to individuals, businesses or any other organization posed by potential natural and human-caused adverse events.
A threat is a possible danger that might exploit a vulnerability or loophole to break a security mechanism and therefore can cause possible harm.
We can say that risk analysis is used to find threats.
We can say that important information is being protected. For example, in the financial or banking area, the netbanking user ID and password are protected. The threat is to steal these details and use them to transfer money from the victim’s bank account to the attacker’s bank account. The weakness that may be exploited here is how we transfer/store the user ID and password onto the server. If we transfer these details as plain text to the server, then an attacker may capture the information in the middle and get the credentials for the bank account.
There are many other examples where important information is being protected and the threat to it is that someone who does not have access can access the information without permission. The attacker can exploit many weaknesses in the system, such as a weak secret key, the storing mechanism, etc.
Three main types of attacks:
1. Eavesdropping:
In general, the majority of network communication happens as plain text. If an attacker listens to the communication channel, then he may get access to important information.
2. Denial of Service:
In this type of attack, the attacker sends too many requests to a web server, such that it goes down. This means that valid users also cannot access the web server. The main method used to prevent these types of attacks is to limit the number of requests per IP address per minute.
3. Man in the middle attack:
The attacker can listen to the communication between two users, but he can obtain packets from one user, then modify them and then send them to the other user. Upon a response from the second user, the attacker can again change the packets and send them to the first user. This can lead to confusion/fraud without the user’s knowledge.
There are other types of attacks also, such as identity spoofing, sniffer attacks, etc.
3)
There is nothing to answer here. This is a practical assignment to conduct interviews with managers and then make a report based on them.
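The per-IP request limit mentioned under Denial of Service in the answer above, sketched as an added example that is not part of the original answer. The class name `PerIpRateLimiter`, the `replay` helper, the limit of 5 requests per 60 seconds and the sample traffic are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque


class PerIpRateLimiter:
    """Sliding window: at most `limit` accepted requests per `window` seconds per IP."""

    def __init__(self, limit=5, window=60.0):
        self.limit = limit
        self.window = window
        self._hits = defaultdict(deque)  # ip -> timestamps of accepted requests

    def allow(self, ip, now):
        hits = self._hits[ip]
        # Drop timestamps that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            return False  # over budget: the server would answer HTTP 429
        hits.append(now)
        return True

    def prune(self, now):
        """Forget idle clients so the tracking table cannot grow without bound."""
        idle = [ip for ip, h in self._hits.items()
                if not h or now - h[-1] >= self.window]
        for ip in idle:
            del self._hits[ip]
        return len(self._hits)


# Constructed sample traffic as (seconds, client IP) pairs, using documentation
# address ranges: one client sends a burst, the other behaves normally.
SAMPLE = [(t * 2.0, "203.0.113.9") for t in range(10)] + [
    (5.0, "198.51.100.7"),
    (50.0, "198.51.100.7"),
    (70.0, "203.0.113.9"),  # same client again after its window has expired
]


def replay(events, limit=5, window=60.0):
    """Run events through the limiter; return rejected-request counts per IP."""
    limiter = PerIpRateLimiter(limit, window)
    rejected = defaultdict(int)
    for ts, ip in sorted(events):
        if not limiter.allow(ip, ts):
            rejected[ip] += 1
    return dict(rejected)


if __name__ == "__main__":
    print(replay(SAMPLE))
```

A per-IP limit only constrains each source individually; traffic spread across many addresses has to be limited further upstream.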