|
Threat Category |
Control |
Description |
Classification |
Type |
|
Accidental Corruption of information |
Proper shut down of the system |
The proper shut down of the system will help to save the files containing the information in a proper way. |
administration |
prevent |
|
Installation of the anti virus. |
The implementation of the antivirus will protect the data from the attacks from the malware. |
product |
prevent |
|
|
Keeping the backup of information regularly. |
Keeping the backup on regular basis will give a chance for the users to retrieve the right information in case the data is corrupted. |
Administrative |
prevent |
|
|
Security against the disturbance of the power. |
The disturbance in the supply of the power can cause the loss of the data in the system. The spark can damage the files and information in the system. |
product |
prevent |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Loss of intellectual property |
Securing the rights of the intellectual property. |
Securing the rights of the intellectual property is important as it will control the usage of the information. |
administrative |
Detect , prevent and compensate |
|
Proper monitoring of the usage of the intellectual property. |
The usage of the information is needed to be monitored so that the proper usage of the information is done in a proper way. |
administrative |
detect |
|
|
Giving proper reference while using the information. |
The information from the intellectual property is needed to be acknowledge when it is used for the references. |
administrative |
Prevent and compensate |
|
|
Application of the data protection act. |
The impose of the rules in the data protection act is needed to be done so that the copyright of the intellectual property is maintained. |
administrative |
prevent |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Software Piracy |
Clear software policy statement. |
The clarity in the software policy will help the employees to understand the boundaries in using the software products. |
administrative |
Prevent and detect |
|
Following anti piracy statement. |
The employees in the organization should maintain the anti piracy policies in the organization. |
Administrative |
detect |
|
|
Knowing the terms of licenses |
The renewal of the licenses are needed to be done maintain the routine. |
product |
detect |
|
|
Software inventories. |
Software inventories are needed to be done in a proper way. |
product |
detect |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Theft of information(hacker) |
Use of proper anti virus. |
The use of the proper anti virus will help the data secured from the hackers. |
Product |
prevent |
|
Use of firewall |
The use of firewall will prevent the entry of the unnecessary traffics in the organization network. |
Product |
prevent |
|
|
Use of VPN |
Use of the virtual private network will help the information to be secured from the outer world. |
product |
Detect and prevent |
|
|
Following the security awareness. |
The employees in the organization is needed to follow the proper security guidelines. |
administrative |
Detect and prevent |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Theft of information(employees) |
Choosing the right authority for the access of the data. |
The authority of accessing the sensitive information is needed to be given to the right person. |
Administrative |
Prevent and detect |
|
Using username and password. |
The important information is needed to be protected through the application of the username and the password. The access of the username and password is needed to be restricted to the certain group of people and higher authority. Apart from that the periodic change in the user name and password is needed to be done. |
administrative |
Prevent and detect |
|
|
Monitoring the activities. |
Proper monitoring of the activities of the employees with the system will help to prevent the chances of the breaching of the data. |
Administrative |
prevent |
|
|
Proper implementation of the rules |
The implementation of the rules and regulations regarding the prevention of the threats regarding information security will be helpful in this context. The management of the organization is needed to instruct the employees to follow those rules and regulations while handling the sensitive data and information. |
administrative |
Prevent and compensate |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Website Defacement |
Testing and the audits of the security |
The hackers will try to exploit the vulnerabilities through the patched system. However, proper and regular testing will prevent these threats. |
Product and administration |
Prevention and detection |
|
Prevention of the SQL injection attacks. |
The malicious SQL instructions are inserted into the pre defined SQL codes in order to affect the execution. The prevention of the SQL injection is required in this context. |
product |
detection |
|
|
Prevention of the cross site prevention attacks. |
Through the cross scripting technique the attackers tries to pass the malicious code through the form of the web page. Prevention of the cross scripting can help to prevent the website defacement. |
Product |
Prevention and detection |
|
|
Use of the defacement detection and monitoring tools. |
There are tools and techniques for the monitoring and the control of the website defacement. The selection of the tools is needed to be done on the basis of the working and the type of the website. |
product |
Prevention and detection. |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Theft of equipment |
Implementation of the proper monitoring system. |
The implementation of the proper monitoring system will help to keep the track of the equipments. |
Administrative |
Prevention, detection and compensate |
|
Keeping the records of the system. |
Keeping the track and count of the equipments is important. |
Administrative |
Prevention and compensate |
|
|
Tagging the system. |
All the equipments are needed to be tagged in order to keep the list in proper way. |
Administrative |
prevention |
|
|
Tracking of the system. |
Each equipment are needed to be tracked on regular basis. |
Administrative |
prevention |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Viruses, Worms, Trojan Horses |
Usage of anti virus software. |
The usage of the anti virus software will help to prevent the attacks from the virus and Trojan horse. |
Product |
Prevention , detection and monitoring |
|
Usage of firewall. |
The use of the firewall will prevent the unnecessary traffics to enter into the system. |
product |
Prevention , detection and monitoring |
|
|
Increasing the awareness among the users. |
The users are needed to be aware about the importance of maintaining the security guidelines while using the system. |
administration |
Prevention and detection |
|
|
Usage of the updated software patches. |
The updated patches of the software has extra features to prevent the new attacks. The organizations should use the updated patches of the software. |
products |
Prevention and detection |
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Elevation of privilege |
SID filtering |
SID filtering is the main way for the prevention of the elevation of the privilege. |
product |
prevention |
|
Prevention of the privilege account escalations. |
Privili8age access management will help to delegate the directory services. |
administration |
Prevention and detection |
|
|
Local administrator password solutions. |
Assigning the local administrative password would be helpful in this context. This will prevent the unauthorized use of the account. |
administration |
prevention |
|
|
Monitoring for creeps and exploits. |
Privilege accounts are the main target for the escalations. In this case proper monitoring would be helpful. |
administrative |
Prevention and detection |
|
|
Threat Category |
Control |
Description |
Classification |
Type |
|
Fire/flood |
Off site backup |
The offline backup of the cloud storage in needed to be dome. So that the data can be use even if the information stored in the cloud get breached. |
administrative |
Prevention and compensate |
|
Use of the external drive |
The data can be stored and backup can be taken through the use of the external drive. |
product |
compensate |
|
|
Proper online backup |
Proper backup of the data is needed to be stored online. So that the data can be retrieved from the online source even if the system is affected badly. |
Administrative |
compensate |
|
|
Maintenance of the system |
The maintenance of the system is important. So that the equipment can be safe and any glitches in the system can get notices in early stage. |
Administrative |
Detection and prevention |
Chandra, J.V., Challa, N. and Hussain, M.A., 2014. Data and information storage security from advanced persistent attack in cloud computing. International Journal of Applied Engineering Research, 9(20), pp.7755-7768.
Gordon, W.J., Fairhall, A. and Landman, A., 2017. Threats to Information Security—Public Health Implications. New England Journal of Medicine, 377(8), pp.707-709.
Haager, J., Sandwith, C., Terrano, J. and Saripalli, P., Topia Tech Inc, 2018. Systems and methods for security hardening of data in transit and at rest via segmentation, shuffling and multi-key encryption. U.S. Patent 9,990,502.
Jakimoski, K., 2016. Security techniques for data protection in cloud computing. International Journal of Grid and Distributed Computing, 9(1), pp.49-56.
Ramachandran, M. and Chang, V., 2016. Towards performance evaluation of cloud service providers for cloud data security. International Journal of Information Management, 36(4), pp.618-625.
Redlich, R.M. and Nemzow, M.A., Digital Doors Inc, 2017. Digital information infrastructure and method for security designated data and with granular data stores. U.S. Patent 9,734,169.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and security. CRC press.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015. Information security conscious care behaviour formation in organizations. Computers & Security, 53, pp.65-78.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in organizations. Computers & Security, 56, pp.70-82.
Xu, L., Jiang, C., Wang, J., Yuan, J. and Ren, Y., 2014. Information security in big data: privacy and data mining. IEEE Access, 2, pp.1149-1176.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download