Title | ACC ACF2400 tutorial 6 |
---|---|
Course | Introduction to Management Accounting |
Institution | Monash University |
Pages | 3 |
File Size | 166.7 KB |
File Type | |
Total Downloads | 28 |
Total Views | 192 |
Download ACC ACF2400 tutorial 6 PDF
ACC/ACF2400AccountingInformationSystems Tutorial6–InformationSecurity,ConfidentialityandPrivacy&Data AnalysisandDataVisualisation
Part1:IT Management Simulation Activity
Detailsofthesimulation(ITManagementSimulation:CyberAttack!)areavailableon: https://hbsp.harvard.edu/import/754811
TheabovelinkdirectsyoutotheHarvardBusinessPublishing(HPB)websitewhereyouneed to sign in using the email address and password that you used when registering for a HBP StudentAccount(pleasechecktheannouncementswiththeinstructionsonMoodleForum). Note: (1) Ifyouhaveforgottenyourpassword,clickthe“Forgotyourpassword?”link. (2) Ifyouhavenotregistered,pleasedosoatyourearliestconvenience, andcertainlyaheadofyourtutorialclass.
Yourtutorwillprovideyouwithinstructionsonthesimulation.
Goodluck & Havefun!
1
Part2:ExtraQuestionsforPractice(Romney&Steinbart,2018) Question1 Securityawarenesstrainingisnecessarytoteachemployees“safecomputing”practices.The key to effectiveness, however, is that it changes employee behaviour. Make two (2) recommendations so organisations can maximise the effectiveness of their security awarenesstrainingprograms.
Question2 Provideone(1)protectivecontrolandone(1)detectivecontrolthatwouldbestmitigatethe followingthreats. a) A salesperson successfully logged into the payroll system by guessing the payroll supervisor’spassword. b) An attacker gained access to the company’s internal network by installing a wireless accesspointinawiringclosetlocatednexttotheelevatorsonthefourthfloorofahigh‐ riseofficebuildingthatthecompanysharedwithsevenothercompanies.
Question3 Sometechnologiescancreateprivacyconcerns: a) Explainone(1)privacyconcernthatmightarisefromtheuseofbiometricauthentication techniques. b) Identifyandexplainhowtwo(2)othertechnologiesmightcreateprivacyconcerns.
2
Question4 Matchthefollowingtermswiththeirdefinitions.Writeyouranswerinthecolumnprovided. No Term Answer Definition 1 Vulnerability A. Anattackthatinvolvesdeceptiontoobtainaccess. 2 Exploit B. The set of employees assigned responsibility for resolvingproblemsandincidents. 3 Authentication C. Codethatcorrectsaflawinaprogram. 4 Authorisation D. Aplantoensurethatmodificationstoaninformation systemdonotreduceitssecurity. 5 Social E. Adevicethatprovidesperimetersecuritybyfiltering engineering packets 6 Firewall F. Theprocessofapplyingcodesuppliedbyavendorto fixaprobleminthatvendor’ssoftware. 7 CIRT G. Aflaworweaknessinaprogram. 8 Patch H. Restricting the actions that a user is permitted to perform. I. A process of verifying a user’s identity to decide 9 Change control whetherornottograntthatpersonaccess. and change management 10 Patch J. Softwarecodethatcanbeusedtotakeadvantageof management aflawandcompromiseasystem. 11 Digitalsignature K. The inability to unilaterally deny having created a document or file or having agreed to perform a transaction. 12 Digitalcertificate L. A process that transforms a document or file into a fixedlengthstringofdata(orcode). 13 Symmetric M. Ahashencryptedwiththecreator’sprivatekey. encryption 14 Hashing N. Adocumentorfilethatmustbedecryptedtoberead. 15 Plaintext O. anelectronicdocumentthatcertifiestheidentityof theownerofaparticularpublickey. 16 Ciphertext P. An encryption process that uses a pair of matched keys,onepublicandtheotherprivate.Eitherkeycan encryptsomething,butonlytheotherkeyinthatpair candecryptit. 17 Nonrepudiation Q. Adocumentorfilethatcanbereadbyanyonewho accessesit. 18 Asymmetric R. Anencryptionprocessthatusesthesamekeytoboth encryption encryptanddecrypt.
Part3:DataAnalysis&DataVisualisationforFM DownloadACC_ACF2400_tutorial6.xlsxfromMoodle(Week6>Tutorial6).Instructionsarein theworkbook.
Pleasecompletealltutorialquestionsbeforeattendingnexttutorial. 3...