Thursday, October 17, 2019

Common Information Security Threats Essay Example | Topics and Well Written Essays - 750 words

Common Information Security Threats - Essay Example Example in this sense includes interprocess messages. Other data susceptible to compromise from attackers include, information prepared by a program, and stored. In most instances, the data is modified by the hacker. The modified data provides the hacker a chance to exploit the organization’s program. Additional threat in this light involves direct modification; this enables hackers to initiate other indirect modifications. Example includes altering the internal program information. The altered information makes it easier to create a code that operates arbitrary; as a result, an attacker can add an admin user not authenticated by the systems database. Threats facing service availability Computer and network threats may involve an attack to paralyze service available, such activity halts application functions. In other occasions, an attack on service availability slows down the server. As a consequent, authenticated users are unable to access the server. Compromising service av ailability involves convincing others to hack the firm’s server, attacking bugs, and particularly, the networking stack. System integrity threats This threat, involve altering the organization’s system to create a system that is not trusted. Compromise on the integrity of network systems may involve acts such as creating a malicious code, using root access. The intention, involve enabling the system to permit the code used by the hacker. The hacker may capitalize to create a malicious code, as a result of buffer overflow. The moment the hacker accesses administrative control of the firm’s network system, it becomes difficult to mitigate such threat. Additional threat, may involve impersonation of the server by the hacker; as a result, the hacker can retrieve an authentic password and username. This allows the attacker to obtaining the status of a legal user. An unauthorized user can also alter the firm’s software to prevent certain operations. Example inc lude, repudiating the use of a security item such as credit card. Values for threat and vulnerability Investing on controlling threats and vulnerability within any organization is crucial in terms of minimizing attacks on the information security systems. In essence, it enables the company to prepare adequately, and prevents the anticipated risks. Further, Identifying threats and vulnerability assist in planning for appropriate security tests. This allows the firm to put in place effective measures to minimize security threats on a long- term basis (Jenkins, 1998). Risk management techniques The appropriate risk management techniques for organizations, involve implementing programs, efficient in terms of protecting information systems. This requires a focus on a risk management policy geared toward establishing a cost-effective security system. Further, appropriate management

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.