chapter 3

Chapter 3

1. Provide an IT example that relates to the ethical issues for the ideas of privacy, accuracy, property, and accessibility.
· Bluetooth: this is an information sharing system which is easily misused and has the ability to access large amounts of information from many different peoples mobile phones. The privacy is not very well protected and the process or idea of privacy is not protected.

2. What are the 5 general types of IT threats? Provide an example for each one
1 Technical Failures: problems with hardware and software
2 Natural disasters: floods earthquakes
3 Deliberate acts: information extortion.
4,5 Unintentional acts: Human errors, environmental hazards


2. Describe/discuss three types of software attack and a problem that may result from them
· Virus: Segment of computer code that performs malicious actions by attaching to another computer programme. They can cause software and hardware problems to the computer.
· Trojan horse: Software programmes that hide in other computer programmes and reveal there designed behaviour only when they are activated.
· Password attack/ dictionary attack: Attacks that try combinations of letters and numbers that are most likely to succeed, such as all words from a dictionary. This is very damaging as many private and confidential documents are protected by passwords.

3. Describe the four major types of security controls in relation to protecting information systems.
· Physical Controls: controls that restrict unauthorised individuals from gaining access to company’s computer facilities.
· Access Controls: Controls that restrict unauthorised individuals from using information resources and are concerned with user identification.
· Communication Controls: Controls that deal with the movement of data across networks.
· Application Controls: Controls that protect specific applications.

4. What is information system auditing?
IS auditing is an evaluation of IS integrity focusing on things like security.


5. What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce
Authorisation refers to a process that determines which actions, rights or privileges the person has based on verified identity. Where as authentication is a process that determines the identity of the person requiring access. They are important to e-commerce as they put businesses on an equal playing field where they only have as much access as one another and they must obey the same protocols.