IS Security and Risk Management


Added on  2022/09/17

The media landscape has changed at an accelerating rate over the past decades. The invention
of the internet and, more recently, social media has been the most considerable influence on
these changes. With the new technology, organizations have been working to achieve their goals
in this digital era. At the MBC TV broadcasting organization, in order to accomplish the mission
and the purposes of the company, employees have been allowed to use their own computing
devices, including laptops, smartphones and tablet PCs, either in addition to or instead of
organization-supplied devices. This idea has brought some benefits to the company, but it also
comes with some severe challenges. Among the benefits, the organization is spared the expense
of buying a device for every employee, since many already have their own. Employees also do not
have to queue while waiting for a colleague to finish using a device, and work becomes more
comfortable, among other reasons. As mentioned, the practice also comes with challenges,
because these devices are highly vulnerable. Therefore, this paper investigates the IS security,
risk threats, and management of the MBC TV organization that may originate from the use of
personal devices, such as mobile devices, that are highly vulnerable and can be easily exposed.
Types of threats against mobile devices
As the number of smartphone users has increased, security risks have also increased, making
mobile devices more vulnerable to attacks. This is because people use a smartphone in most of
their activities and often keep sensitive pieces of information on it, such as email, passwords
and contact information (Abomhara, 2015, pp.65-88). The security threats are classified into
three groups: vulnerabilities, malware, and attacks.
Malware
In the past, malware (malicious software) has been a significant threat to laptop and desktop
PCs. However, as technology advances, mobile devices are becoming more powerful and ubiquitous,
which makes them increasingly prone to malware. In this threat, illegal software on one's device
is used for attacks from the outside, taking advantage of a vulnerability in the system or
device (Schmid, Weber, Haddox-Schatz, and Geyer, 2010, pp, 441). This illegal software includes
Trojans, viruses, worms, and spyware.
Trojans: This software seizes control of device management as well as information. Trojans
differ from viruses and worms in that they do not spread themselves. This malware can be carried
inside other software, unnoticed by the user (Wei, Li, Koushanfar and Potkonjak, 2012, pp, 90-95).
Trojan software also recognizes external units such as SD cards and USB devices; hence it can
also create a vulnerability in the system by getting into devices through these external units.
Virus: Viruses are malicious software whose features include spreading into an existing
document and sending it elsewhere, distorting its contents and making it unusable, and slowing
down hardware elements (Kerr, Rollins and Theohary, 2010, pp. 7-5700).
Worm: Worms are malicious software that contains harmful, misleading instructions. They are
usually transmitted via picture messages or text messages, and hence can be effective even
without the user interacting (Rao and Nayak, 2014, pp. 141-161). A worm integrates itself into a
service through the operating system and may later act as a spy inside the device. At this
point, it sends the required data to the center and manages itself, causing congestion and
slowing down the internet bandwidth by generating needless data flow, as well as degrading the
ability of the device to perform.
Spyware: This is malicious software designed to collect information on a specific subject.
The software also aims to take control of the infected device (Shahzad, Haider and Lavesson,
2010, pp. 295-302). It collects information about someone and sends it somewhere else without
their consent.
Vulnerabilities
Security vulnerabilities in a device include its design, applications and internet control, as
well as weaknesses in the system's security measures. Vulnerabilities can be grouped under two
main categories: application (software) and mobile operating system vulnerability, and
device-hardware vulnerability.
Device-hardware vulnerability: Hackers can easily access mobile devices because the devices
have no navigation limits in the internet environment and lack firewalls to control access,
which is a vital vulnerability (Mansfield, Eveleigh, Holzer and Sarkani, 2013, pp. 722-728).
For these reasons, mobile devices cannot assure the safety of a port they use when connecting to
the internet or other networks. The age of the device is another commonly encountered problem,
because manufacturers may not support devices manufactured before specific dates, leaving those
devices unable to receive security updates.
Software vulnerability: An important vulnerability to consider in this case is an outdated
mobile operating system. Using an old, outdated mobile OS is a security vulnerability arising
from its software (Shahzad, Shafiq, and Liu, 2012, pp. 771-781). Another critical vulnerability
lies in common open source components such as the Linux kernel and WebKit. Vulnerability also
occurs when installing APK files.
Types of security protection techniques for mobile devices and how to mitigate threats.
It is crucial for an organization or an individual to take the necessary steps to ensure that
their mobile devices are protected from mobile threats such as malware, attacks, and
vulnerabilities. With that in mind, the company may consider the following security protection
techniques for its mobile devices.
Remote lock and data wipe
Enforcing a strict remote lock and wipe policy is among the most essential strategies for
limiting threats to mobile devices. By incorporating this method, the organization gives an
extra layer of protection to the enterprise network and data. With this policy, an enterprise
has the capability to erase data on, or remotely lock, a mobile device whenever it is stolen or
lost.
Leverage biometrics
Biometrics is another strategy for ensuring the security of mobile devices. Initially, strong
passwords were the key to securing mobile devices; however, due to the rise in security threats,
breaches can still take place even with a strong password policy. This has made biometrics a
better option. Biometric authentication is the use of measurable biological characteristics such
as voice, iris recognition, face, and fingerprint to provide access as well as identification.
Leveraging biometrics has benefits such as providing accountability for the enterprise and easy
accessibility, as users cannot forget their face, unlike passwords.
How MBC TV organizations can ensure the availability of the web service using the Linux
webserver.
To ensure the availability of the web service on the Linux web server, the MBC TV organization
should ensure that all unused modules and application extensions are removed. This is because
the Apache installation comes with several pre-defined modules enabled that are not used in a
typical scenario. The organization should also ensure that every application extension is
restricted.
The MBC TV organization should also monitor the services and processes of the internet, as well
as internet-based services and websites. This can be done by checking and testing availability,
performance and response times from multiple locations.
The MBC TV organization should ensure employees get an immediate alert whenever a process or
service fails, and that they act fast to restore continuity.
Impact of employees on the information security.
Employees of the MBC TV organization play a major role in making the organization's security
vulnerable from within. Some employees may take the cybersecurity requirements lightly, leading
to dramatic consequences for the organization. The MBC TV organization may face dangers from
irresponsible and uninformed employees. Careless or uninformed staff are at high risk of causing
serious security breaches (Harter, Schmidt, Asplund, Killham, and Agrawal, 2010, pp.378-389).
Hide and seek: MBC TV employees may fail to report a security incident when it happens, which
makes the organization's security vulnerable. Hiding security incidents may increase the damage
caused or lead to serious consequences.
Risk management recommendations.
Having an IT security policy in place is one way to help with the MBC TV organization's
security; however, it is not enough, as policy alone will not protect the organization from
threats. This is because some employees do not follow the designed policy, and because policies
cannot cover every possible risk. The policy therefore needs adherence and a more hostile
approach (Siponen, Mahmood and Pahnila, 2014 pp.217-224).
The right step for the MBC TV organization is to train its employees, producing a more dedicated
staff that can help enforce security policies and prevent staff carelessness (Harris and Patten,
2014, pp 65). Staff training is important for motivating employees to pay attention to security
threats and countermeasures, and for creating awareness even when security is not part of their
responsibilities.
Linux server supported with different tools for auditing.
It is important to audit and check your server to ensure total security and confirm that its
configuration is compliant. Administrators are supposed to perform this task daily (Kumar and
Sangwan, 2012, pp.35-41). Some of the tools that help automate auditing and provide monitoring
of a Linux system include the following.
NIX auditor: This is an auditing tool that helps in checking the basics, such as password
accounts, aging and file systems (Rodriguez, 2011, pp 12). This tool is geared towards RHL but
also works with Ubuntu and other systems.
Lynis: This is a well-designed auditing tool that includes an online dashboard and supports
almost all versions of Linux. Lynis allows one to check a server against policies such as HIPAA
(Gunawan, Lim, Zulkurnain and Kartiwi, 2018, pp.51-59).
Tripwire: This tool helps in checking the integrity of your file system and detects changes
that are not authorized (Jayamanna, 2014, pp. 219-224). During initial setup, Tripwire generates
a profile of the file system that is in use and needs to be monitored. After that, it monitors
the file system and reports what has been changed. The tool has several features that you can
customize.
Tiger auditing tool: This is an open-source Linux auditing system that helps in file system
checking. It checks the system based on a template (Jayamanna, 2014, pp, 7), inspecting basic
things such as file systems and active accounts. This auditing tool also highlights things like
account policies.
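The profile-then-compare cycle described for Tripwire can be illustrated with a short Python script. This is an added example, not code from the original document and not Tripwire's own implementation or database format; the file names and the changes made to them are constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Profile a tree: {relative path: (SHA-256 of contents, permission bits)}."""
    profile = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # keep the example to regular files
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            mode = os.stat(path).st_mode & 0o7777
            profile[os.path.relpath(path, root)] = (digest, mode)
    return profile


def compare(baseline, current):
    """Classify every path that differs between the stored profile and now."""
    report = {"added": [], "removed": [], "modified": [], "mode_changed": []}
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            report["added"].append(path)
        elif path not in current:
            report["removed"].append(path)
        elif baseline[path][0] != current[path][0]:
            report["modified"].append(path)
        elif baseline[path][1] != current[path][1]:
            report["mode_changed"].append(path)
    return report


def demo():
    """Constructed sample tree: profile it, change it, then report the drift."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"httpd.conf": b"Listen 80\n", "index.html": b"<h1>MBC TV</h1>\n",
                   "old.log": b"started\n"}
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        os.chmod(os.path.join(root, "index.html"), 0o644)
        baseline = snapshot(root)
        # Changes made after the baseline was taken (all constructed).
        with open(os.path.join(root, "httpd.conf"), "ab") as fh:
            fh.write(b"Listen 8080\n")
        os.chmod(os.path.join(root, "index.html"), 0o666)
        os.remove(os.path.join(root, "old.log"))
        with open(os.path.join(root, "unexpected.bin"), "wb") as fh:
            fh.write(b"\x00\x01")
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

In practice the baseline has to be stored where the monitored host cannot rewrite it, otherwise whoever changes the files can also change the profile.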
Task 2
As we all know, one of the primary roles of a system administrator in Linux is protecting and
securing important files from being accessed by unauthorized individuals. Thankfully, Linux
already has some default commands that allow us to perform such actions. However, the
limitation is that the default permissions may not always work as required. For instance, it is
not possible to create different permissions for various users in the same directory. As a
result, there would be instances where access control denies permission to use certain
resources. Such problems can be solved by using Access Control Lists (ACLs).
Part 1
In the Linux file system, we have three types of users: “user”, also known as “user owner”;
“group”, also called “owner group”; and “other”, also called “everyone else”. These users can
be granted different permissions. For instance, we have the main directory called SBM4304, in
which two directories, ‘{StudentID1}’ and ‘{StudentID2}’, live, and all users are granted full
permissions to access the directory. ACLs can be used to grant full access permission to the
SBM4304 directory. The two types of ACL that aid the process are access ACLs, which are used
for granting permission on any file or directory, and default ACLs, which can be used to set the
access control list on a given directory. In our case, we want to grant full access to the
SBM4304 directory, which can be achieved by the use of the default ACL. We can display the
default ACLs for the directory SBM4304 with the Linux command “getfacl”, as shown in the
following listing.
[root@linux ~]# getfacl SBM4304/
# file: SBM4304/
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:other::rw-
We can also set the default ACLs for the directory with another Linux command called “setfacl”.
This is accomplished by executing the following commands.
[root@linux ~]# setfacl -m d:o:rx SBM4304/
[root@linux ~]# getfacl SBM4304/
# file: SBM4304/
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:other::r-x
To complete the process of granting the users full access to the directory, we set the ACL
using the “setfacl” command so that the users have full “rwx” permissions, as shown in the
following code snippet.
$ setfacl -m u:StudentID1:rwx SBM4304/
$ setfacl -m u:StudentID2:rwx SBM4304/
$ setfacl -m other:--- SBM4304/
$ getfacl SBM4304/
# file: SBM4304
# owner: StudentID1
# group: StudentID1
user::rwx
user:StudentID1:rwx
user:StudentID2:rwx
group::r-x
mask::rwx
other::---
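The listings above show a mask entry without explaining it: the mask caps what named users and groups actually receive, while the owner and "other" entries are unaffected. As an added example (not part of the original document), this Python script parses getfacl output and works out the effective rights per account; the sample listing is constructed from the SBM4304 output with the mask tightened to r-x, and the function names are hypothetical.

```python
# Constructed sample modelled on the SBM4304 listing above, with the mask
# tightened to r-x so that its effect on named users is visible.
SAMPLE = """\
# file: SBM4304
# owner: StudentID1
# group: StudentID1
user::rwx
user:StudentID2:rwx
group::r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x
default:other::r-x
"""


def parse_getfacl(text):
    """Parse `getfacl` output into owner, owning group and access/default entries."""
    acl = {"owner": None, "group": None, "access": {}, "default": {}}
    for raw in text.splitlines():
        line = raw.split("#effective")[0].strip()
        if line.startswith("# owner:"):
            acl["owner"] = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            acl["group"] = line.split(":", 1)[1].strip()
        elif line and not line.startswith("#"):
            scope = "access"
            if line.startswith("default:"):
                scope, line = "default", line[len("default:"):]
            tag, name, perms = line.split(":")
            acl[scope][(tag, name)] = set(perms) - {"-"}
    return acl


def effective_rights(acl, user, groups=()):
    """Rights the access ACL gives `user`, following the POSIX ACL check order."""
    entries = acl["access"]
    mask = entries.get(("mask", ""), set("rwx"))  # no mask entry: nothing is capped
    if user == acl["owner"]:
        rights = entries[("user", "")]            # the owner entry ignores the mask
    elif ("user", user) in entries:
        rights = entries[("user", user)] & mask   # named users are capped by the mask
    else:
        matched = [perms for (tag, name), perms in entries.items() if tag == "group"
                   and (name in groups or (name == "" and acl["group"] in groups))]
        # Group class is capped too (the union is exact for single-permission
        # checks); "other" applies only when no group entry matches.
        rights = set().union(*matched) & mask if matched else entries[("other", "")]
    return "".join(p if p in rights else "-" for p in "rwx")


if __name__ == "__main__":
    acl = parse_getfacl(SAMPLE)
    for who, grps in (("StudentID1", ()), ("StudentID2", ()),
                      ("u3", ("StudentID1",)), ("u3", ())):
        print(who, grps, effective_rights(acl, who, grps))
```

Running chmod on a file that carries an ACL changes the mask rather than the owning group entry, so a named user's effective rights can shrink without any setfacl call.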
Part 2
It is also possible to create three users {u1}, {u2} and {u3}, where u1, u2 and u3 are the
first names of three students. This can be achieved in the following manner.
[root@linux ~]# for user in u1 u2 u3
> do
> useradd $user
> passwd -d $user
> done
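The `passwd -d` call in the loop above leaves each new account with an empty password field, and password accounts and aging are among the basics the page lists for NIX auditor. As an added example (not from the original document or from any of the tools named), this Python script audits shadow-format entries for both conditions; the sample lines, the placeholder hash and the 90-day limit are assumptions.

```python
# Constructed /etc/shadow-style lines (name:password:lastchg:min:max:warn:...).
# u1 and u2 look as they would after `passwd -d`; the hash is a placeholder.
SAMPLE_SHADOW = """\
root:$6$placeholder$notarealhash:19000:0:90:7:::
daemon:*:18000:0:99999:7:::
u1::19250:0:99999:7:::
u2::19250:0:99999:7:::
u3:$6$placeholder$notarealhash:19250:0:60:7:::
"""


def audit_shadow(text, max_age_limit=90):
    """Return (account, finding) pairs for empty passwords and missing aging.

    max_age_limit is an assumed policy value: the longest acceptable
    maximum password age, in days.
    """
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:
            findings.append((fields[0], "malformed entry"))
            continue
        name, password, max_age = fields[0], fields[1], fields[4]
        if password == "":
            # Empty field: the account has no password set at all.
            findings.append((name, "empty password"))
        elif password[0] in "!*":
            continue  # locked or non-login account: aging is irrelevant
        if not max_age.isdigit() or int(max_age) > max_age_limit:
            findings.append((name, "no effective password aging"))
    return findings


if __name__ == "__main__":
    for account, finding in audit_shadow(SAMPLE_SHADOW):
        print(f"{account}: {finding}")
```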
In conclusion, the MBC TV organization, just like any other business organization, is at high
risk of threats from within. From the above discussion, we are aware of the different types of
threat and how easily an individual or an organization can become a victim. Every member of an
organization is therefore required to take action whenever the organization is hit by a security
incident, as hiding an incident may lead to more consequences. An organization is also
encouraged to use automated system monitoring in order to reduce the chances of error and
irresponsibility.
Reference list.
Rodriguez, S.M., 2011. The Best Nix for a Combined Honeypot Sensor Server.
Kumar, V. and Sangwan, O.P., 2012. Signature based intrusion detection system using
SNORT. International Journal of Computer Applications & Information Technology, 1(3),
pp.35-41.
Gunawan, T.S., Lim, M.K., Zulkurnain, N.F. and Kartiwi, M., 2018. On the Review and Setup of
Security Audit Using Kali Linux. Indonesian Journal of Electrical Engineering and Computer
Science, 11(1), pp.51-59.
Jayamanna, N.K.I.S., 2014 July. Advanced integrity checking and recovery using write-protected
storage for enhancing operating system security. In 2015 10th International Conference on
Computer Science & Education (ICCSE) (pp. 219-224). IEEE.
Jayamanna, N.K.I.S., 2014. Enhancing Tiger Auditing Tool for Linux Systems and Services.
Harris, M.A. and Patten, K.P., 2014. Mobile device security considerations for small-and
medium-sized enterprise business mobility. Information Management & Computer Security.
Harter, J.K., Schmidt, F.L., Asplund, J.W., Killham, E.A. and Agrawal, S., 2010. Causal impact
of employee work perceptions on the bottom line of organizations. Perspectives on
Psychological Science, 5(4), pp.378-389.
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information
security policies: An exploratory field study. Information & management, 51(2), pp.217-224.
Abomhara, M., 2015. Cyber security and the internet of things: vulnerabilities, threats, intruders
and attacks. Journal of Cyber Security and Mobility, 4(1), pp.65-88.
Schmid, M.N., Weber, M., Haddox-Schatz, M. and Geyer, D., Cigital Inc, 2010. Methods for
identifying malicious software. U.S. Patent 7,644,441.
Wei, S., Li, K., Koushanfar, F. and Potkonjak, M., 2012, June. Hardware Trojan horse
benchmark via optimal creation and placement of malicious circuitry. In Proceedings of the 49th
Annual Design Automation Conference (pp. 90-95).
Rao, U.H. and Nayak, U., 2014. Malicious software and anti-virus software. In The InfoSec
Handbook (pp. 141-161). Apress, Berkeley, CA.
Kerr, P.K., Rollins, J. and Theohary, C.A., 2010. The stuxnet computer worm: Harbinger of an
emerging warfare capability (pp. 7-5700). Washington, DC: Congressional Research Service.

Shahzad, R.K., Haider, S.I. and Lavesson, N., 2010, February. Detection of spyware by mining
executable files. In 2010 International Conference on Availability, Reliability and Security (pp.
295-302). IEEE.
Mansfield, K., Eveleigh, T., Holzer, T.H. and Sarkani, S., 2013, November. Unmanned aerial
vehicle smart device ground control station cyber security threat model. In 2013 IEEE
International Conference on Technologies for Homeland Security (HST) (pp. 722-728). IEEE.
Shahzad, M., Shafiq, M.Z. and Liu, A.X., 2012, June. A large scale exploratory analysis of
software vulnerability life cycles. In 2012 34th International Conference on Software
Engineering (ICSE) (pp. 771-781). IEEE.