IT Management assignment on: Operating systems & its risks
Question 1:
The very characteristics of common virus to replicate themselves in operating system are one of the common feature through which we can verify as to whether the given system is affected by it. There are couples of different ways in which this can be put to use in determination of virus in given system, we look at few next.When we fear we have been hit by fear and we aren’t able to control it, we look for processes that are running at the moment (Villafuerte, 2008). We are aware of the kind of major processes that should run when the application we are using are known to us. A repetitive or even an initial look at processes which are getting repeated each time issues erupts gives us a hint as to what is causing the problem.
On the other hand a kind of idea of what kind of codes o executive able would a virus contain, we can search for it though tools and immediately we will have a list of what exist on computer. If a virus occurs then we will be immediately able to recognize because we will see a multiple of same kind of file in search and the catch.
Question 2:There are definite and huge risks that can be seen as a result of this malware. Having the root access can enable it to use all resources that machine has access to and in major cases it turns out to be highly sensitive data, information and may be classified information in cases (Mizruchi & Neuman, 2008). It can hack into all databases and get the passwords for various need s. These are not major risk but the risk that generates out of this unauthorized access is major risk posed by them.
It is an extremely difficult procedure and not a highly successful one when it comes to detection of rootkit malware issues. This is because rootkit makes it way to the root access and hence suppress and subverts any software, tools and process that are support to detect it or report it. The only reliable and possible alternative includes usage of an alternative and strong operating system as the most popular options. There are other tough options like usage of behavioral based methods, signature scanning, difference scanning and the tougher memory dump analysis.
There can also be situation wherein even detention and removal by above process can be tiring and this is of high probability where the root kit resides in kernel. In such situations it is reinstallation of the operating systems that is the only possible option to exercise.
Question 3:
We understand that it possible to even fake the lock the lock feature in a phishing attack that ensures security on web browsers. The basic rationale behind this possibility is the implementation of this feature. It is easy to fake the certificate for one of other website instead for the one being displayed at present due to obvious ability of phishing attacks and technology underneath. This is easier an option because not all pages make use of this features and only the one which requests personal information from uses applies it.It is not easy to detect not because of some technology usage but because of usage pattern. When we see such a icon, we as a user are satisfied with the security underneath and hence do not cross verify or investigate it (Liebowitz, 2011). However it is not a tough job to find it out, just we need to be extra precautionary and make more efforts. If we click on this icon the details of certificate is found out and the details could be matched with the page we are on at present. A mismatch between the two is obvious case of phishing attack and hence we could be saved.
Question 4:
Assuming that the assumption by thief is correct and indeed the 4 keys that have worn out are actually the ones which form the password combination for the lock, then if looked from worst case scenario the thief would need to make 256 attempts to break open it. This is based on the understanding that he would need to make maximum of 256 attempts in order to try all combination that are possible through use of those 4 number.
Our calculation is based on simple understanding. We assume that the combination can have repetition of numbers as well and hence each of the four numbers can be used 4 times in each combination. This will lead to a total number of possible combination to the tune of 4^4 = 256. In this calculation we are not assuming or are not worried as to whether the given locking system allows t enter password 256 times or not or even the fact that the thief have actually time to try this system for 256 times.Question 5:
In analysis of this scenario we assume that the two dimensional barcodes are supposed to be used in digital form rather than the magnetic strip used in physical form (Baratz, 2011). This assumption is based on fact that if the bar codes are also to be physical provided then who will bear the cost, if banks bear it no point in going for it as cost saving from this transition would be outdone with the technology and process changes to be accommodated. If users are to be burdened with cost, banks are likely to face dissatisfied user. Armed with this important and critical assumption we look at security point of view of the two systems.
I believe that the bar code system should have increased safety compared to magnetic strip instrument (Villafuerte, 2008). This we believe so because the bar codes would be stored I some digital device in majority of cases and all such devices would be password protected by some mechanism. Hence is one happens to lose this device, the chances of bar codes getting disclosed to fraudster and thief would be highly unlikely. It is also due to this feature that any chances of stealing of content of user would also be reduced.
This is so because the bar codes residing in digital form would have much restricted access and hence much reduced chances of the contents getting accessed as in case of a magnetic strip card which can be accessed by intended thief’s and fraud with ease (Mizruchi & Neuman, 2008). If we assume that such barcodes are double securitized by use of PIN access codes, then the security within it would definitely be much more enhanced as one hand you have protected bar codes containing user information and again you have access codes providing increased twin layer of security.
Question 6:
If we have to show how someone can breach the line of defense and protection we have created over here, than what would be a better way to showcase it then to rely o major cause of breach i.e. intentional and un intentional forced human errors. Suppose I am a culprit banned to fly but have all original documentation at my disposal (Jackson, 2001). Then in such case I would either through corrupt method skip the identification process at airport check in and board the flight as tickets I can always book online and no identification is needed and if I can find my way through security check, I can find my way through boarding pass counter well.
On the other hand I could replay on ignorance of personnel and as all documents at major airports are checked manually, I will assume that they won’t be alert enough to look though everyone and hence could make my way through it (Borruso, 2005). However this is a risky bet and to be on safer side one might not attempt this and instead will find corrupt practices to get himself new identification document that will enable him to easily pass through manual checking process without worry of being caught.
What I suggest as the most feasible possible and corrective measure is to ensure that all document verification and authentication system should be automated and the validation coming directly through central server and monitoring station. This would obviously be possible through all documentation being registers electronically and hence directly readable. However a more reliable but more expensive mechanism for this increased security would be to have biometric processes and documentation in place as the basis electronic versions also have their limitation and scope of fraud being done.
Question 7:
Whether it is more secure than an traditional presently in practice password system is subject to analysis of how internally it has been implemented i.e. in terms of structure, encryption etc that goes in development of such system. However if looked from barely outside, there seems to be not much conviction in this approach and hence I believe that the security offered by it would not match even the standards that our traditional approach is delivering us at this moment.
Our belief is based on fact on the realization that we chose a password either familiar to us in some way or a common password combination applicable to all application (Borruso, 2003). Since we assume that not all would be prepared to have this new system implemented and hence the combination possibility is drastically reduced. On the other hand having 2o pictures that are not related to you and remembering the same is a daunting task and hence the reduced possibility.
Talking on contrary options if the combination is one that can be related to us easily or is one which is difficult to remember and needs to be referenced somewhere then the very need of enhanced security is compromised as the threat elements will have this knowledge as well. On efficiency front also we see a possible reduction and reduced performance.
I believe so because no pictures can directly be saved as password in password column as it happens at present. They need to be stored separate and then through a third reference matching needs to be done. This multiple iteration process for matching will reduce the efficiency and performance. On top of this the encryption and decryption methodology, space and efficiency would similarly be reduced and demand extra resources at disposal to perform, which might not be feasible.
Question 8:
It is extremely wrong of Dr. Simplex to think that a given document and file would need not be used for any purpose by any other users other than him. In fact this is wrong to the tune that we can claim that more than 99% of users will object to his this suggestion (Mason, 2011). This is a simple collaboration and redundancy reduction perspective that we can claim to be so .We give some possible scenarios in brief in next section.
In a office environment, one might need the same company introduction file to be used by many sales personnel’s and have the updated versions synchronized for all. In such a set up the owner of file cannot afford to just allow the owner to have rights of access to file. Similarly suppose a project scope document is made available to team developing different specifications of a project. In such case if document owner i.e. client chose to not allow direct access to document, it could lead to delay in execution and may be confusing understanding of needs.
From collaboration front a document owner say a spreadsheet owner would like to take inputs from different of this colleagues for different fields before end of day for this reporting (Mizruchi & Neuman, 2008). If he now has to manually receive individual document and not have collaborated tool document, his immense time would be wasted in copying work.
If you want IT management Assignment Help study samples to help you write professional custom essay’s and essay writing help.
Receive assured help from our talented and expert writers! Did you buy assignment and assignment writing services from our experts in a very affordable price.
To get more information, please contact us or visit www.myassignmenthelp.Com