Define the term social engineering

Reference no: EM131191463

CSM660 INFORMATION SECURITY MANAGEMENT ASSIGNMENT

Case 1 - Marcum State University

The personnel department at Marcum State University has recently purchased PCs for individual offices in the various departments so that they can keep their own records. In the past, all records were stored on the university's mainframe computer. By decentralizing this computer function, each department will have better control over its individual records, and the security of these records will be easier to manage. Most of the departments would like to transfer personnel records of faculty, staff, and student employees in their departments to their PCs from the mainframe. Dr. John Gould, Chairperson of the Accounting Department, would like to use the personnel data regarding the people in his department to generate some statistics concerning salaries, vacation days used, and absences. Rather than code the files or use social security numbers, Dr. Gould would like to keep the names of the individuals with the information that is recorded about them.

  • What are some of the security considerations in this conversion?
  • What are some of the ethical and legal ramifications of keeping files with a person's name attached?
  • What might be a better way of extracting (and storing) this information to ensure maximum security and control?

Case 2 - Bishop Enterprises

Bishop Enterprises, located in Seattle, Washington, is a medium-sized business specializing in building concrete structures (storage buildings, bridges, utility buildings, and various defense-related installations).

Peter Bishop, president of the company, states that security of its computer systems is critical due to the competitiveness of the commercial concrete industry and the need to protect defense-related information. BE's computer system, as is typical of many, grew on an ad hoc basis as the company grew. Security was not an issue in the early days when there were only a few key employees and the day-to-day, hands-on-management style assured constant vigilance. Mr. Bishop now feels that a solid security package should be added to ensure the ongoing protection of the computer operation.

Mr. Bishop has assigned the task of evaluating several security packages to the director of computer operations, James Clarke. The four objectives that Mr. Clarke has defined for the package selected are:

1. Accountability

2. Auditability

3. Integrity

4. Usability

What factors should be included in an official policy statement sent out with the request for proposal to the vendors? Write a clear and concise statement so that the vendor is able to respond correctly.

Case 3 - Read the following scenario and then answer the questions below.

"Stafford, Cripps Stockbrokers, Accounts Dept, Susan Briggs speaking"

"Susan - we need your help. I'm Dave Bloggs, manager of the new audit division. I'm doing a statutory audit of the accounts system and need a password to check access controls. What is your password?"

"Are you from that new division in Manchester controlled by Mr Stafford himself?"

"Yes - that's us"

"I would like to help but I cannot give you my password without authorization from my manager"

"Glad to see you're careful Susan - I'll contact your manager directly - what is his name?"

"Michael Phillips"

"Many thanks - I'll speak to Mike and mention your help"

Later:

"Stafford, Cripps Stockbrokers, Accounts Dept, John Nugent speaking"

"Good morning John. I'm Dave Bloggs, assistant manager to Mr Stafford the CEO in Manchester. We are redesigning the accounts system with your manager Michael Phillips and John, we've decided to include you on our team"

"Really? Thank you"

"It will be a demanding role but it is a high profile project - do well and promotion could be yours. So, John, to get things rolling I need some help from you. We've already approached your colleague Susan Briggs for her password and now need yours."

"Of course - it's o-p-e-n-d-o-o-r"

"Thank you John"

  • In the context of the above scenario, define the term 'social engineering'.
  • In the above scenario, identify FOUR (4) instances where the staff member was subject to a social engineering technique. Identify the technique and say why it was used.
  • Compare different methods of making staff more aware of 'social engineering' techniques.

Case 4 - Bank of Shenandoah Valley

Today, banks are transferring large sums of money electronically and facing enormous exposure in the process. The Bank of Shenandoah Valley, located in Roanoke, Virginia, is actively involved in this process. The possibility of funds transfer fraud is prompting many banks to adopt protective measures. The two most common techniques used in the banking industry are encryption and message authentication. Encryption involves the scrambling of messages sent, for example, from a commercial bank to the Federal Reserve Bank. An authenticated message is sent clear; anyone who intercepts it can read it. Tacked on to the message is a related secret code that only the receiving party is capable of decoding.

Most observers say that authentication offers more security than encryption because a key is involved.

The Bank of Shenandoah Valley is considering both options and needs to address the following questions:

  • Are there major differences between the two techniques?
  • Are all messages critical or would encryption/authentication be applied only to certain transmittals? If so, which ones?
  • Will these processes slow down operations?
  • What other safeguards should be considered? (Provide 3 suggestions).
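The message-authentication technique described in Case 4, as an added example that is not part of the assignment: a transfer instruction travels in the clear with a keyed code appended, and the receiver recomputes that code to detect alteration. HMAC-SHA256, the shared key, the field names and the sequence number (a replay check that goes slightly beyond the case text) are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample key; a real key would come from a key-management system.
SHARED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

def authenticate(message: dict, key: bytes, seq: int) -> bytes:
    """Sender: serialize the message in the clear and append an HMAC tag."""
    body = json.dumps({"seq": seq, **message}, sort_keys=True,
                      separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"|" + tag

def verify(wire: bytes, key: bytes, last_seq: int):
    """Receiver: return the message if the tag is valid and seq is new, else None."""
    body, sep, tag = wire.rpartition(b"|")
    if not sep:
        return None  # no tag present
    # The receiver does not decode the tag; it recomputes it with the shared key.
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None  # altered in transit, or produced with a different key
    msg = json.loads(body)
    if msg["seq"] <= last_seq:
        return None  # valid tag but already seen: replayed message
    return msg

def demo() -> dict:
    # Constructed sample transfer instruction.
    transfer = {"from": "BSV-ROANOKE", "to": "FRB", "amount_usd": 2500000}
    wire = authenticate(transfer, SHARED_KEY, seq=1)
    tampered = wire.replace(b"2500000", b"9500000")
    return {
        "readable_in_clear": b'"amount_usd":2500000' in wire,
        "accepted": verify(wire, SHARED_KEY, last_seq=0),
        "tampered": verify(tampered, SHARED_KEY, last_seq=0),
        "wrong_key": verify(wire, b"\x01" * 32, last_seq=0),
        "replayed": verify(wire, SHARED_KEY, last_seq=1),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The tag gives integrity and origin assurance only; the amount and parties remain readable to anyone on the path, which is the confidentiality gap encryption addresses.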

Reviews

len1191463

9/3/2016 2:11:17 AM

For each of the cases below, please respond to the question(s) appearing at the end of each case. Strictly confine your responses to 250 - 350 words for each case. Penalty will be imposed if you do not follow the word limit. Keep in mind to document your sources (Internet sites, text material, outside readings, etc.). Your marks will depend heavily based on the originality of your answer.

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd