Week 7 - Systems And Security

Question 1

What are the six strategies?

Answer 1

• centrally planned
• leading edge
• free market
• monopoly
• scarce resources
• necessary evil

Question 2

What strategies have a strategic advantage and high dependence on day to day operations?

Answer 2

Centrally planned

Leading edge

Question 3

What strategies have a strategic advantage but low dependence on day to day operations?

Answer 3

Leading edge

Free market

Question 4

What strategies involve little strategic advantage but high dependence in day to day operations?

Answer 4

Monopoly

Scarce resources

Question 5

What strategies involve little strategic advantage and little dependence on day to day operations?

Answer 5

Scarce resources

Necessary evil

Question 6

What are some things about centralisation?

Answer 6

The five components (Hardware, Software, Data, People and Procedures) are under control of the IS department. This limits initiative from other departments

Question 7

What are something about decentralisation?

Answer 7

It allows for more initiative, possibly encouraging innovation, poses risk (data integrity, security, duplication of effort, costs)

Question 8

What are privacy and security?

Answer 8

Privacy is keeping personal or confidential information out of the wrong hands

Security is required to enforce these privacy policies

Security also involves ensuring continued access to required information

Question 9

What are the 6 privacy principles?

Answer 9

Personal information must be collected directly from the individual concerned

The individual should be aware that information is collected, and of the purpose

Impose reasonable safeguards against loss, misuse or disclosure of personal information

Individuals must have access to information about them

Individuals should be able to request correction of their personal information

Personal information obtained in connection with one purpose must not be used for another

Question 10

Security means preventing:

Answer 10

Unauthorised access to information
Unauthorised modification of information
Denial of service to authorised users
Provision of service to unauthorised users

Question 11

What are security costs?

Answer 11

Expected cost of security failure is cost of an incident times the probability of it happening

A business needs to balance cost of security against expects cost

Question 12

What are non-technological security features?

Answer 12

Data backups 
Power protection 
Physical disaster protection 
Alternative sites / disaster recovery 
Physical access control 
Precautions against social engineering

Question 13

What are some technology based security features?

Answer 13

Firewalls 
Access control For: 
Networks
Databases
Applications 
And through the encryption of data
Anti-malware software 
Activity monitoring