HomeworkLib
Question

An employee who needs permission to access an electronic workspace, database, or other information system resource...

An employee who needs permission to access an electronic workspace, database, or other information system resource typically fills in a request form and obtains approval from the responsible manager. The manager then routes the request to one of the system’s administrators.

Highly trusted and well-trained systems administrators spend a significant amount of time doing nothing more technical than adding or removing names from access control lists. In large organizations, it’s not unusual for systems administrators to have never met any of the people involved in a specific request. The administrators may not even work in the same office.

Hackers have learned to take advantage of this approach to access authorization. They begin by probing an organization. The hacker doesn’t expect to compromise the system during this initial probe. He or she just starts by making a few phone calls to learn who is responsible for granting access and how to apply. A little more probing helps the hacker learn who’s who within the organization’s structure. Some organizations even post this information online in the front of employee directories. With this information in hand, the hacker knows whom to talk to, what to ask for, and what names to use to sound convincing. The hacker is now ready to try to impersonate an employee and trick a system administrator into revealing a password and unwittingly unauthorized access.

Organizations determine who needs access to which applications. They also need a system through which they can authenticate the identity of an individual making a request. Finally they need to manage this process both effectively and inexpensively. Prepare a response to the below using the MS Word application:

  • Describe the business problems that this exercise presents.
  • Suggest several ways to reduce an organization’s exposure to social engineering.
  • Prepare an orientation memo to new hires in your IT department describing “social engineering.” Suggest several ways employees can avoid being tricked by hackers.
engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

0 0
Add a comment
Know the answer?
Add Answer to:
An employee who needs permission to access an electronic workspace, database, or other information system resource...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of...

    CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of Personnel Management (OPM) is conducted, may have been extracted. Government offi responsible for recruiting and retaining a world-class cials say that the exposure of security clearance irn workforce to serve the American people and is also mation could pose a problem for years responsible for background investigations on pro- spective employees and security clearances. In June the OPM system, and its records were protected...

  • Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around...

    Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...

  • Hi, Kindly assist with my project management assignment below using the attached case study Question 1 Update the project charter for the remainder of the project in response to Adams’ memo (lines 241...

    Hi, Kindly assist with my project management assignment below using the attached case study Question 1 Update the project charter for the remainder of the project in response to Adams’ memo (lines 241 through 246). Question 2 Prepare a plan for the remainder of the project in response to Adams’ memo (lines 241 through 246). Your answers to the above will be assessed in terms of the level of communication displayed, the insights and inferences drawn, and your ability to...

  • First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below...

    First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below Include each of the following in your answer (if applicable – explain in a paragraph) Research problem: what do you want to solve using Delphi? Sample: who will participate and why? (answer in 5 -10 sentences) Round one questionnaire: include 5 hypothetical questions you would like to ask Discuss: what are possible outcomes of the findings from your study? Hint: this is the conclusion....

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT