Question 1: Provide an IT example that relates to the ethical issues for the ideas of privacy, accuracy, property, and accessibility.
- Privacy issues: involves collecting, storing, and disseminating information about individuals.
- Accuracy issues: involve the authenticity, fidelity, and accuracy of information that is collected and processed.
- Property issues: involve the ownership and value of information.
- Accessibility issues: revolve arounf who should have access to information and they should have to pay for this access.
Question 2: What are the 5 general types of IT threats? Provide an example for each one 
Unintentional acts
Natural disasters
Techinical failures
Management failures
Deliberate acts
Question 3: Describe/discuss three types of software attack and a problem that may result from them
Software attacks include viruses, worms, Trojan horses, logic bombs, back doors, denial of service, alien software and phishing. A growing threat is cybercrime, which often utilizes and phishing attacks. However many problems can also rise from software attack including identity theft, copyright/trademarks, telemarketing, spam, digital contracts, electronic recordings, electronic surveillance, workplace monitoring, email , freedom of speech and libel/slander laws.
Question 4: Describe the four major types of security controls in relation to protecting information systems.
The major types of general controls include physical controls, access controls, administrative controls and communications controls.
Question 5: What is information system auditing?
A detailed internal and external IT audit may involve hundreds of issues and can be supported by both software and checklists. Related to IT auditing is the preparation for disaster recovery, which specifically addresses how to avoid, plan for, and quickly recover from a disaster.
Question 6: What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce
Authentication is a process that determines the identity of the person requiring access.
Authorization s a process that determines which actions, rights or privileges the person has, based on verified identity.
No comments:
Post a Comment