Wednesday, February 18, 2009

PROTECTING INFORMATION RESOURCES


"Risk analysing"

Intro: Kaspersky creates viruses first and then anti-viruses.(Actually, nobody knows that the person who creats antiviruses, creats viruses first. And they are the main hackers)

The main problem of companies and organizations is that THREAT can impact an information resource. Good defend helps organizations to work properly.

Risk is the probability or chance that a threat will impact an information resource.

Risk management it is the way of seeking methods to reduse the risk of impact of treats.(It`s like trying to identify, to control, to put for safe level the Threat and so on).There are two things in this definition that may need some clarification. First, the process of risk management is an ongoing process. It must be repeated indefinitely. The business environment is constantly changing and new threats aviable every day. Second, the choice of controls used to manage risks must strike a balance between productivity, cost, and effectiveness.

Risk analysis is process where organization put the value for each thing which is protecting. Also, we can call it put as categorazing of prioritets of protection level.
Based on this analysation organization considers how to mitigate(to expiate or to make more softer) the risk.

Risk mitigation It is when organization takes strong action against the risk
And it has 2 functions:
  1. Using controls to prevent threats from outside
  2. While developing do not give a chance for the threat
There are 3 things that organization may adopt:
  • Risk acceptance. (Organizations should not ignore defending system. Updating and so on...)
  • Risk limitation. Limit the risk by configuring controls of protection (Ex:Firewall...)
  • Risk transference. Example is purchasing insurance(Copy of your information on other devices like harddisk)
After all, let`s look when control is not cost effective... It is when the cost of defending system is more higher than the value of things being protected. (Ex)

Difficulties of protecting information resources:
  • There hudreds of threats exist
  • A lot of criminals, who was caugt go unpunished
  • The cost of defending sysytem is very high
Intro about CONTROLS
There are many ways of protection. The strongest one is to join with the FBI (NIPC)
It`s designed to protect nation`s infrastructures such as energy, transportation, finance and many other things. But it costs so much! For small companies it`s going to be just not cost-effective.
Posted by at No comments:

Sunday, February 8, 2009

Assignment No IV

CYBERSQUATTING

-cybersquatting is registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. It generally refers to the practice of buying up domain names that use the names of existing businesses with the intent to sell the names for a profit to those businesses.



A)Find at least ONE website that you find as cybersquatting site.
EX:
  • http://counterstrike.ru
http://counter-strike.ru
http://counter-strike.in.ua
http://contrstrike.ru
http://counterstrike.ucoz

  • http://www.friendster.com
http://www.friendstar.com

B) Three Books from Law, Human Science and Technology

LAW
The Strong arm of the law, armed and public order policing, P.A. J. Waddington
ISBN 0198273592
Call No HV8195A3W118

Human Science
The Lockean theory of rights by Simmons, A. John, 1950
ISBN 0691086303
Call No JC153L87S592L

Technology
Analysis Of Today's Telecommunications Systems, IBM vs Competitors
ISBN 0927695472
Call No HD9696C64A532

C) Bro Mohd Asmady Zakaria blog

1) First of all i saw prayer times) That means his is religios person and he wants other to see it and to go pray at thetime) Well done)
2) It`s well designed. Evethough I`ve visited this site for the first time, i liked main menu links...They really help person to see all pleasents of that site)
3) And it shows online persons...So, we can communicate with each other...Well done)

D) Name the URL for Kulliyah of ICT.

http://kict.iiu.edu.my/

E) Go to CFS IIUM Library, find 10 books that categorized under Red spot collections

  • (Our math book) Applied Mathematics for the Managerial, Life, and Social Sciences
  • Glencoe physics Principles and Problems
  • A short history of secularism
  • Calculus K.G. Binmore
  • Sociological biology : for A-level and intermediate students in Africa
  • The Internet (7th edition)
  • Introduction to Information Systems (2nd edition)
  • Information Systems Workbook
  • Game theory and economic modelling
  • Economic decisions under inflation

HABIS LAH)))
Posted by at No comments:
Subscribe to: Posts (Atom)