Types of exploits
- Virus
- Worm
- Trojan horse
- Distributed denial of service
- Rootkits
- Phishing attacks
- Smishing
Types of perpetrators
- Hackers
- Crackers
- Malicious insiders
- Industrial spies
- Hacktivists
- Cyber terrorists
- Cyber criminals
Protection
- Implement trustworthy computing: a method of computing that delivers secure, private, and
reliable computing experiences based on sound business practices
a. Invest in the expertise and technology required
b. Develop trust by educating consumers
c. Work with law enforcement agencies, industry experts, academia and private sectors to
create and enforce a secure computing
d. Provide users with a sense of control over their personal information
e. Contribute to standards and policies created by industry and government
f. Make privacy a priority in the design, development, and testing of products
- Reliability
a. Build systems so that they continue providing services in the face of internal and external
disruption
b. Build systems that can be restored to a previously known state with no data loss in the event of
disruption
c. Build systems that provide accurate and timely service whenever needed
d. Build systems so that required changes and upgrades do not disrupt them
e. Build systems so that they contain minimal software bugs
f. Build systems so that they work as expected
g. Transparency business integrity
h. Be responsible (take responsibility for problems and take action to correct them)
i. Be transparent (be open in dealing with customers, keep motives clear, keep promises, and
make sure customers know where they stand when dealing with the company),
e.g. ethics policy, information sensitivity policy, risk assessment policy, comm device policy
- prevention of systems, e.g. firewall, IDS (intrusion detection system), antivirus, implementing safeguards
against attacks by malicious attackers, defending against cyber terrorism, addressing the most critical
internet security threats, conducting periodic IT security audits
- detection
- response, e.g. incident notification, protection of evidence and activity logs, incident containment,
eradication, incident follow-up