External Threats -
✅ -Weather. These affect seasonal businesses that depend on good conditions.
-The economy. If you sell something consumers need in any economy, you will fare better than
others.
-Material shortage. Tensions in an oil-producing country result in big price hikes, raising production
costs for plastics manufacturers, trucking firms and others.
-Your computer system is hacked. This can knock your website out for days during a crucial selling
period.
-Employment in your industry is strong. This can make it hard to find skilled workers.
-Market demand dries up. Think Blockbuster falling behind Netflix because of its late start streaming
content.
Internal Threats -
✅ Policies not followed, data, internal controls, system development, malicious employees
-Untrustworthy Employees - Considering that employees have direct access to your business data,
systems and hardware, the possibility of dealing with internal theft cases that involve data and even
equipment should never be taken lightly.
-Internal Business Data Theft - Laptops, mobile devices, tablets and other devices are entrusted to
employees with the most sensitive information about the organization.
Considering that these devices contain critical company documents and data, unauthorized access
could be damaging to your business.
-Attacks on Physical Business Systems - Many businesses overlook the importance of securing their
physical network and server room to prevent unauthorized personnel from gaining access.
According to one study, on average, how much does it cost a company when a security threat
becomes reality, resulting in downtime? -
✅ According to the Aberdeen Report, the average cost of downtime is $260,000 per hour.
Be able to name and describe the three levels of system security -
✅ 1. Data Access Policies and Controls - Protection of the information itself (Who/what can access
databases and what can they do with those databases?)
2. Application Access Control - Protection of the computer on which the information is stored (Which
applications can do CRUD on which data? Who can use those applications?)
3. Network and Host Access Control - Protection of the network to which the computer is connected
(Who may access the resources on our network? Intranet? Extranet?)
Common security threats -
✅ Malware
Phishing
Social Engineering
Ransomware
Trojan Horse
Malware -
✅ Malware, or "malicious software," is an umbrella term that describes any malicious program or code that is
harmful to systems. It seeks to invade, damage, or disable computers, computer systems, networks,
tablets, and mobile devices, often by taking partial control over a device's operations. It is a general term
covering all the different types of threats to your computer safety (ex: viruses, spyware, worms, etc.)
Know the five feasibility studies in SDLC (Class 14a deck), and what the focus of each is. (system
development life cycle) -
✅ Organizational: Will / can the organization use the system?
Technical: Is the technology available and easy enough to use?
Schedule: Can we get the system into production soon enough?
Economic: Is the proposed system affordable and worth the investment?
Legal: Does this proposed project violate any laws or regulations?
Social Engineering -
✅ Social engineering is the art of manipulating people so they give up confidential information. The
types of information these criminals are seeking can vary, but when individuals are targeted the
criminals are usually trying to trick you into giving them your passwords or bank information, or
access your computer to secretly install malicious software that will give them access to your
passwords and bank information as well as giving them control over your computer.
It is a non-technical strategy that relies on human interaction and often involves tricking people into
telling their passwords