Return to main page

Chapter 5 Exercises

Chapter 1 2 3 4 5 6 7 8 9 10 11 12 13 14

Principles of MIS

© 2008 by Jerry Post
  1. Run Windows update on your computer and select the custom option. How many updates are available? List them. Do the same for Office update.
  2. Review newspapers, magazines, and Web sites and find one case of an actual security problem, such as theft of data. If possible, identify the value of any losses and whether the criminal was caught. Summarize steps that could have been taken to prevent the incident.
  3. Several news reports (in 2007) revealed that restaurants are a major problem in terms of protecting credit card data. Many restaurants have inadequate safeguards and some have been the cause of stolen information. Briefly explain why this problem arose and what reasonable steps could be taken by restaurants and banks to reduce the risk.
  4. Search the Web and find two programs that could be used to crack passwords on a Microsoft Word document. Do not purchase or download them. Explain if you think legitimate companies are selling them and whether the tools would actually work.
  5. Assume you work for a company and you when searching the Web you find some secret company information displayed on a Web site. Outline the steps that you could take to get the material removed and possibly track the criminal who stole it and posted it.
  6. Use public Web sites and search engines to search your own name. What data do you find? How would a potential employer perceive that information when running the same searches? What can you do to clean up the data?
  7. Find and download a free trial copy of a personal intrusion detection system, and install it on a PC connected to the Internet full-time (school connection, DSL, or cable modem). Let the system run for a few days and record how many potential attacks it records.
  8. btain a tool that searches for spyware and check your computer. If you have permission on a public machine (lab or library), run the tool on it. Write a brief report of any problems you found.
  9. Use the Windows Task Manager to list all of the active processes on your computer. Search the Internet to identify the purpose of each process.
  10. Assume you have a server with about 120 gigabytes of data. Identify the hardware and software you could use to make backups. Be sure to specify the price and estimate the amount of time it will take to back up the data.

    11. Toolbox logoTechnology Toolbox

  11. Install a digital security certificate on your computer and send a digitally signed message to your instructor.
  12. Read the information on the Thawte Web site about how users can be authenticated (Web of Trust). Briefly explain how the system works. Do you think this is a secure and reliable system?
  13. Use the Web to find the best price on a security certificate that you can install on a business Web server. Assume that you will need the server for at least five years. To be safe, check your Web browser to ensure that the certificate authority is listed in the Trusted Root certificates.
  14. If you have the appropriate network permissions, or using your own computer, create a Marketing group and three users on your computer. Create a folder and set the permissions so that the Marketing group can access the files in the folder. Add your instructor to the group and include a test file that he or she can read.
  15. Check the security permissions on your computer—particularly the My Documents folder (or wherever you store most of your files). Is the folder secure or should you set different permissions?

    16. Teamwork logoTeamwork

  16. Create a subdirectory on a computer that enables you to set access rights. Select a user or group and set permissions so members of that group can read the data but cannot change it. All other users (except yourself) cannot read the data.
  17. Conduct a small survey of students (not in your MIS class). Find out how often they back up their data, the last time they updated their operating systems, and how many of them have been infected by a virus in the last 6, 12, and 24 months.
  18. Create a simple chart in a spreadsheet and encrypt it. Send a version to each person on your team using a different password/key so that they can add a couple rows of data and return it. Combine the results into one spreadsheet. Comment on any problems you encountered.
  19. Each person should save a small Word document and encrypt it with a password. Exchange files with others in the group and see if you can guess the passwords to open the file. At least one person should pick a relatively easy password.
  20. Each person should describe a movie scene or TV show episode that involve some type of computer security or attack. Explain whether the event is realistic. Swap the descriptions with team members and have each person add a list of actions that could be taken to prevent the attack.

    21. Rolling Thunder Bicycles logoRolling Thunder Database

  21. What privacy problems might exist at Rolling Thunder? What rules or procedures should you enact to avoid problems? Write a privacy statement for the company.
  22. If Rolling Thunder Bicycles adds an Internet site to order bicycles and deal with customers, what security procedures should be implemented to protect the data?
  23. Research the costs and steps involved in setting up a secure Web server for Rolling Thunder that can be used to sell bicycles over the Internet.
  24. Write a disaster plan for Rolling Thunder. Identify how the backup tapes will be handled and the type of system you will need if a natural disaster hits.
  25. Identify and briefly describe the top security threats that would be faced by Rolling Thunder. Outline the primary steps you would take to reduce the risks.