Task 1: main question :Carefully review and research all components of an information system. Based on findings, apply this knowledge and discuss with your peers how each of these components are associated with you and your given work environment or a future work environment if not currently employed.
Note : No need to give replies to main post ,read below student posts and reply each of them in 150 words.
saikumar –The Components of Information Systems
Based on the procedures guide people on how to mitigate any potential risks that may occur during the use and management. On that are sent, retrieved, stored, posted, are processed through operating software and programs on sensitive equipment such as a computer or maybe even your phone. The different types of information technology revolve around the development and repair of both inside and outside of the computer. By including the behaviors and interference with analytical or quantitative numeric and qualitative nominal data sets (Gonzales, 2019).
1. Identification Chaining: With the Biometric Authentication on Smartphoneâ€™s is quite reliable now. So the next step is chaining the authentication or identification to the applications running on other devices. So in 2019, people should carry out their biometric-enabled Identity Cards, which are Smartphoneâ€™s, and use them to identify them for using applications and other facilities. Global Input App already provides this mechanism, so the next step is to apply to the applications and facilities (Han, 2018).
2. Data Protection: Data will be encrypted by default and the encryption keys will be protected by the key coming from smart phones in which is again the personal identity card. Global Input application provides this mechanism to allow users to identify themselves and provides keys to encrypt or decrypt data to assign personal responsibility for processing data.
3. Augmented Reality: In 2019 we should see more applications on augmented reality. In the argument, reality applications should help us to make decisions by analyzing the reality we are looking at. Even in the workplace, an employee should be able to navigate to accomplish a task. The tutorial about using an application can be done with augmented reality as DOI is the same in learning to assemble instruments should be much easier (Raschke, 2014).
An information system is a combination of hardware, software and also telecommunication networks that are used to convert data into information to be used in various fields to produce a certain desired result. This system is very useful and very complex to use but with certain management and use can lead to better ways (Avison & Fitzgerald, 2003). The information system has five main components that make it a set and ach component depends on one another to make it work for better result.
The first component is the computer hardware. This includes input, output and processing of the data. What hardware is used depends on the organization and its demands. They include of input, an output device, an operating system processor and media devices. The second component is computer software. The programs or applications used to make use of the hardware to run them into better ends. They are used for analyzing and processing data with a set of instructions.
The third component is the databases. These are the raw data to be worked on to produce information. All other components must be directly equipped with this to make them efficient. The fourth component is network. This enables direct uninterrupted flow of data and information in the whole system to certain phases to make it be used. The fifth one is the human resources. This includes the manpower to be used to run the system. The end result of the system is to benefit the end user and it depends on the information output for the end user.
This at last gives us the rundown of the system and it helps us understand the system and every effort in order to give focus in this system to impact many information system and make use of the almost wasted raw data flowing aimlessly everywhere(Wiederhold,1992).
Task 2: provide reply to below student post each in 150 words
shasank -Deception means deliberately misleading someone by creating certain system components that look like authentic elements (Rouse, 2016). Deception is performed to trap individuals and steal their confidential data. However, deception can also be used to protect IT assets from adversaries (malicious users) in terms of cybersecurity. Adversaries use four stages of attack namely scanning, discovery, exploitation and exposing. Both offline and online scanning can be performed to recognize exploitation points. Therefore, database and network designers use strong design interfaces which include authorized services, bogus vulnerabilities and real vulnerabilities to misdirect attackers. Some deliberate and inadvertent open ports are designed to lead the adversaries to a honey pot. However, the honey pot contains fake assets. Besides, valid ports included in deception technology are closely monitored and embedded with high security measures. Further, authentic frontend interface is designed so that adversaries believe the bogus assets are authentic. Thus, hackers accept various security baits during the discovery stage and could not exploit confidential data (Almeshekah & Spafford, 2016). Moreover, few deceptive documents stating security protocols and vulnerabilities are also placed in the system so that adversaries can become convinced about the security design.
Besides, deception technology is also used to prevent disclosure of authentic information in the exploitation stage. If bogus assets are breached, incident response team and intrusion detection system can be fooled by believing false alarms generated after the attack. Such issues can be avoided by isolating traps, process coordination, and backend monitoring. Besides, certain procurement tricks are also developed by realizing adversary behaviour in diverse scenarios (Aggarwal, Gonzalez & Dutt, 2016). Forensic analysis is performed to comprehend adversary behaviour in exposing stage, which helps to detect various security challenges in interface design. Thus, a better depiction infrastructure can be designed. National deception method focuses on using selective technologies, tools and methods to prevent an attack. However, deception is not efficient to deal with botnet attacks.
nagi -Denial of Service by Nagi
Cyber-attacks are now becoming a global concern that appears inevitable. The recent cyber-attack in Travelex company showcases a vivid demonstration that cyber-attack is everywhere. The attack has halted all Travelex operations. Many businesses, such as Travelex have experienced similar attacks. Some have lost billions of dollars while others have close down due to cybercrimes. Sadly, the attacks seem not ending. Today, hackers have introduced deceptions strategies that make individuals and organizationsâ€™ data vulnerable to numerous attacks. Although there are several deceptions techniques, hackers use denial of service attack frequently.
Denial of Service is a type of attack that focuses on networks and machine. The attack generally shut down a particular network connection or stop the functionality of organization machine preventing users from getting regular services. Hackers through denial of service targets servers in high profile industries such as media, banking and commerce companies (Dolk, Tesi, De Persis & Heemels, 2016). Other organization include trade and government entities.
To deny users routine services, denial of services sends big data that crashes the system or floods the targeted web servers with traffic. The two technique deprives the legitimate users the accessibility of services that web server offers. The flooding method succeeds when a system obtains excessive traffic making the server slow that eventually shut down. Flooding attacks include ICMP flood, SYN and buffer overflow. The other method exploits vulnerabilities that result in a crash.
To prevent Denial of services organization controlling the servers should implement various countermeasures. The first step to take is to develop a response plan. It is crucial to establish a prevention plan. High profile organizations should develop a complex infrastructure controlled by multiples groups when planning denial of services countermeasure (Razak, 2016). A plan facilitates a quick response when a denial of service occurs.
Correspondingly, it is vital to secure network infrastructure. Preventing network crash can only succeed when there is advanced level protection framework. The framework necessitates establishing threat detection systems and prevention of intrusions such as the use of anti-spam, load balancing, VPN as well as counter filtering (Zare, Azadi & Olsen, 2018). Additional countermeasures include maintaining complex network architecture and leveraging cloud.