Essay: Internet Security
True or False: An IT vulnerability assessment is the same as an IT security risk analysis. Explain.
False! An IT vulnerability assessment is the process of identifying what could happen to negatively affect the confidentiality, integrity, and reliability of a particular IT environment. It takes into account the value of the IT resources present in that environment as well as the likelihood of those resources coming under attack. An IT security risk analysis then uses the information gained from the vulnerability assessment to estimate the cost of a compromise and the likelihood of that cost being incurred. Countermeasures are then identified and implemented by comparing the cost of the potential loss with the cost of the measures that would reduce it (Dulaney, 2008).
b) Select from the following the best definition of security risk analysis:
A. Risk analysis looks at the probability that vulnerability exists in your system.
B. Risk analysis looks at the probability that your security measures won’t stop a hacker breaking into your system.
C. Risk analysis looks at the probability that a hacker may break into your system.
D. Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them.
E. Risk analysis looks at the consequences of being connected to the Internet.
The correct answer is D (Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them).
c) Define security threats in two different categories as passive and active. Explain the difference and list some examples.
Security threats in an organization can be classified into active and passive threats. Active threats involve modification of an existing data stream or creation of a false data stream. They can be further subdivided into message stream modification, denial of service and masquerading. Message stream modification means that some part of a legitimate message, or a group of messages, is delayed, reordered or replaced in order to produce an unauthorized effect. Denial of service prevents the normal use of communication facilities; such an attack can target a specific resource or be used to bring down an entire network. A masquerade is the misuse of identity: one entity pretends to be another.
Passive threats involve eavesdropping on or monitoring of transmissions within an organization. They fall into two types: release of message contents and traffic analysis. In the release of message contents, the attacker gains information simply by reading the contents of the messages through which it is transferred. Traffic analysis is a more subtle threat and is applied less often by attackers. Here the attacker, even after capturing the messages, is unable to extract their contents; however, the attacker may still learn about the nature of the transmission by monitoring the frequency and length of the messages being exchanged (Stallings, 1999).
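The following added example (not part of the essay) shows the length side of the traffic-analysis threat described above and the standard mitigation, padding messages to a fixed bucket size. The two protocol replies, the toy SHA-256 keystream and the 64-byte bucket are all constructed for the demonstration; the keystream stands in for a real length-preserving cipher and is not meant for production use.

```python
import hashlib
import struct

# Constructed sample traffic: two replies a passive observer might want to tell apart.
REPLIES = {"accept": b"OK", "reject": b"DENIED: insufficient funds"}

def keystream(key: bytes, n: int) -> bytes:
    """Toy counter-mode keystream built from SHA-256 (demonstration only, not a real cipher)."""
    out = b""
    for i in range((n + 31) // 32):
        out += hashlib.sha256(key + struct.pack(">I", i)).digest()
    return out[:n]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Length-preserving XOR encryption: ciphertext length equals plaintext length,
    so contents are hidden but sizes leak."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, len(plaintext))))

def pad_to_bucket(plaintext: bytes, bucket: int = 64) -> bytes:
    """Length-hiding padding: 2-byte big-endian length prefix, then zero fill
    up to the next multiple of `bucket` (assumes plaintext < 65536 bytes)."""
    body = struct.pack(">H", len(plaintext)) + plaintext
    fill = (-len(body)) % bucket
    return body + b"\x00" * fill

def unpad(padded: bytes) -> bytes:
    """Recover the original plaintext from a padded message."""
    n = struct.unpack(">H", padded[:2])[0]
    return padded[2:2 + n]

def observable_lengths(key: bytes, padded: bool) -> dict:
    """What a passive eavesdropper sees: only ciphertext sizes, never contents."""
    sizes = {}
    for label, msg in REPLIES.items():
        pt = pad_to_bucket(msg) if padded else msg
        sizes[label] = len(encrypt(key, pt))
    return sizes

def distinguishable(sizes: dict) -> bool:
    """Traffic analysis succeeds when different replies produce different observable sizes."""
    return len(set(sizes.values())) > 1
```

Without padding the two replies are 2 and 26 bytes on the wire and an observer can tell them apart without decrypting anything; with padding both occupy 64 bytes. Padding does not hide message frequency or timing, which the essay names as the other traffic-analysis signal.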