Lecture Accounting information systems: Basic concepts and current issues (4/e): Chapter 11 - Robert L. Hurt

Chapter 11 - Computer crime and information technology security. When you've finished studying this chapter and completed the activities at its conclusion, you should be able to: explain Carter’s taxonomy of computer crime; identify and describe business risks and threats to information systems; discuss ways to prevent and detect computer crime; and explain the main components of the CoBIT framework and their implications for IT security.

Chapter 11: Computer Crime and Information Technology Security

Outline
Learning objectives
Carter’s taxonomy
Risks and threats
IT controls
COBIT

Learning objectives
Explain Carter’s taxonomy of computer crime.
Identify and describe business risks and threats to information systems.
Discuss ways to prevent and detect computer crime.
Explain the main components of the CoBIT framework and their implications for IT security.

Carter’s taxonomy
Four-part system for classifying computer crime. A specific crime may fit more than one classification. The taxonomy provides a useful framework for discussing computer crime in all types of organizations.
Target: targets system or its data. Example: DOS attack
Instrumentality: uses computer to further criminal end. Example: Phishing
Incidental: computer not required, but related to crime. Example: Extortion
Associated: new versions of old crimes. Example: Cash larceny

Risks and threats
Fraud
Service interruption and delays
Disclosure of confidential information
Intrusions
Malicious software
Denial-of-service attacks
Please consult the chapter for the full list.

IT controls
C-I-A triad: Confidentiality, Data integrity, Availability
Physical controls: guards, locks, fire suppression systems
Technical controls: biometric access controls, malware protection
Administrative controls: password rotation policy, password rules, overall IT security strategy

COBIT
Control Objectives for Information and Related Technology
Information Systems Audit and Control Association (ISACA)
Framework for IT governance and management
Two main parts:
Principles: five ideas that form the foundation of strong IT governance and management
Enablers: seven tools that match the capabilities of IT tools with users’ needs
