ACC ACF2400 tutorial 6 PDF

Title	ACC ACF2400 tutorial 6
Course	Introduction to Management Accounting
Institution	Monash University
Pages	3
File Size	166.7 KB
File Type	PDF
Total Downloads	28
Total Views	192

Preview

CLICK TO PREVIEW PDF

Summary

Download ACC ACF2400 tutorial 6 PDF

Description

ACC/ACF2400AccountingInformationSystems Tutorial6–InformationSecurity,ConfidentialityandPrivacy&Data AnalysisandDataVisualisation

Part1:IT Management Simulation Activity

Detailsofthesimulation(ITManagementSimulation:CyberAttack!)areavailableon: https://hbsp.harvard.edu/import/754811

TheabovelinkdirectsyoutotheHarvardBusinessPublishing(HPB)websitewhereyouneed to sign in using the email address and password that you used when registering for a HBP StudentAccount(pleasechecktheannouncementswiththeinstructionsonMoodleForum). Note: (1) Ifyouhaveforgottenyourpassword,clickthe“Forgotyourpassword?”link. (2) Ifyouhavenotregistered,pleasedosoatyourearliestconvenience, andcertainlyaheadofyourtutorialclass.

Yourtutorwillprovideyouwithinstructionsonthesimulation.

Goodluck & Havefun!

1

Part2:ExtraQuestionsforPractice(Romney&Steinbart,2018) Question1 Securityawarenesstrainingisnecessarytoteachemployees“safecomputing”practices.The key to effectiveness, however, is that it changes employee behaviour. Make two (2) recommendations so organisations can maximise the effectiveness of their security awarenesstrainingprograms.

Question2 Provideone(1)protectivecontrolandone(1)detectivecontrolthatwouldbestmitigatethe followingthreats. a) A salesperson successfully logged into the payroll system by guessing the payroll supervisor’spassword. b) An attacker gained access to the company’s internal network by installing a wireless accesspointinawiringclosetlocatednexttotheelevatorsonthefourthfloorofahigh‐ riseofficebuildingthatthecompanysharedwithsevenothercompanies.

Question3 Sometechnologiescancreateprivacyconcerns: a) Explainone(1)privacyconcernthatmightarisefromtheuseofbiometricauthentication techniques. b) Identifyandexplainhowtwo(2)othertechnologiesmightcreateprivacyconcerns.

2

Question4 Matchthefollowingtermswiththeirdefinitions.Writeyouranswerinthecolumnprovided. No Term Answer Definition 1 Vulnerability A. Anattackthatinvolvesdeceptiontoobtainaccess. 2 Exploit B. The set of employees assigned responsibility for resolvingproblemsandincidents. 3 Authentication C. Codethatcorrectsaflawinaprogram. 4 Authorisation D. Aplantoensurethatmodificationstoaninformation systemdonotreduceitssecurity. 5 Social E. Adevicethatprovidesperimetersecuritybyfiltering engineering packets 6 Firewall F. Theprocessofapplyingcodesuppliedbyavendorto fixaprobleminthatvendor’ssoftware. 7 CIRT G. Aflaworweaknessinaprogram. 8 Patch H. Restricting the actions that a user is permitted to perform. I. A process of verifying a user’s identity to decide 9 Change control whetherornottograntthatpersonaccess. and change management 10 Patch J. Softwarecodethatcanbeusedtotakeadvantageof management aflawandcompromiseasystem. 11 Digitalsignature K. The inability to unilaterally deny having created a document or file or having agreed to perform a transaction. 12 Digitalcertificate L. A process that transforms a document or file into a fixedlengthstringofdata(orcode). 13 Symmetric M. Ahashencryptedwiththecreator’sprivatekey. encryption 14 Hashing N. Adocumentorfilethatmustbedecryptedtoberead. 15 Plaintext O. anelectronicdocumentthatcertifiestheidentityof theownerofaparticularpublickey. 16 Ciphertext P. An encryption process that uses a pair of matched keys,onepublicandtheotherprivate.Eitherkeycan encryptsomething,butonlytheotherkeyinthatpair candecryptit. 17 Nonrepudiation Q. Adocumentorfilethatcanbereadbyanyonewho accessesit. 18 Asymmetric R. Anencryptionprocessthatusesthesamekeytoboth encryption encryptanddecrypt.

Part3:DataAnalysis&DataVisualisationforFM DownloadACC_ACF2400_tutorial6.xlsxfromMoodle(Week6>Tutorial6).Instructionsarein theworkbook.

Pleasecompletealltutorialquestionsbeforeattendingnexttutorial. 3...