Suggest three defensive layers that might be included in an information system to protect data items from changes made by someone who is not authorized to make these changes.

What will be an ideal response?


To protect data in a system from unauthorized updates, you may include the following defensive layers:

1. Authentication: To access the services that update data, a user must explicitly authenticate themselves to the system. You may have a multi-layer authentication system so that users have to provide a login/password and some other information to log on to the system.

2. Undo: Undo functionality is usually provided in applications so that user errors can be easily corrected. However, it can also be used to restore data that has been maliciously modified, if the attacker has gained access to the system and has used the normal system commands to change the data. This means that you should not discard the update history at the end of a session but should maintain it along with the data itself.

3. Checksums: Checksums are unique numbers that are calculated from the contents of a data item. Any changes in the data lead to changes in the checksum. You can therefore use checksums to detect if data items have been changed and, if these are unauthorised, you can restore the data from a backup.

Computer Science & Information Technology
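The undo and checksum layers from the answer above, shown working together in an added example that is not part of the original answer. It uses HMAC-SHA-256 as the checksum (an assumption, since the answer names no algorithm), so the checksum cannot be recomputed without the key; the class, its methods and the sample data are hypothetical.

```python
import hashlib
import hmac

class ProtectedStore:
    """Toy data store that keeps an update history and a checksum per item."""
    def __init__(self, key: bytes):
        self._key = key      # assumption: stored where an intruder cannot read it
        self.data = {}       # item name -> current value
        self.sums = {}       # item name -> checksum of the last authorised value
        self.history = {}    # item name -> earlier values, kept with the data

    def _checksum(self, value: bytes) -> str:
        return hmac.new(self._key, value, hashlib.sha256).hexdigest()

    def update(self, name: str, value: bytes) -> None:
        """Normal update path: records history and refreshes the checksum."""
        if name in self.data:
            self.history.setdefault(name, []).append(self.data[name])
        self.data[name] = value
        self.sums[name] = self._checksum(value)

    def undo(self, name: str) -> bytes:
        """Roll back the latest change made through the normal update path."""
        previous = self.history[name].pop()
        self.data[name] = previous
        self.sums[name] = self._checksum(previous)
        return previous

    def restore(self, name: str, backup: dict) -> None:
        """Copy a value back from a backup; the stored checksum is left alone."""
        self.data[name] = backup[name]

    def tampered(self) -> list:
        """Names of items whose contents no longer match their checksum."""
        return sorted(n for n, v in self.data.items()
                      if not hmac.compare_digest(self._checksum(v), self.sums[n]))

def demo():
    store = ProtectedStore(key=b"constructed-demo-key")   # constructed sample key
    store.update("balance", b"100")
    backup = dict(store.data)                # constructed backup copy
    store.update("balance", b"999999")       # change made with normal commands
    after_undo = store.undo("balance")       # update history brings back b"100"
    store.data["balance"] = b"0"             # change that bypasses update()
    detected = store.tampered()              # checksum mismatch exposes it
    store.restore("balance", backup)         # restore the item from the backup
    return after_undo, detected, store.tampered()
```

Because `restore` leaves the stored checksum untouched, a backup copy that does not match the last authorised value would still be reported by `tampered()`.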
