Sppt chap011

•Download as PPTX, PDF•

0 likes•194 views

Awais Ahmed

Accounting Information System

Internet

Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Chapter 11
Computer Crime and Information
Technology Security

11-2
Outline
• Learning objectives
• Carter’s taxonomy
• Risks and threats
• IT controls
• COBIT

11-3
Learning objectives
1. Explain Carter’s taxonomy of computer
crime.
2. Identify and describe business risks and
threats to information systems.
3. Discuss ways to prevent and detect
computer crime.
4. Explain the main components of the CoBIT
framework and their implications for IT
security.

11-4
Carter’s
taxonomy
• Target
– Targets system or its data
– Example: DOS attack
• Instrumentality
– Uses computer to further
criminal end
– Example: Phishing
• Four-part system for
classifying computer
crime
• A specific crime may fit
more than one
classification
• The taxonomy provides
a useful framework for
discussing computer
crime in all types of
organizations.

11-5
Carter’s
taxonomy
• Incidental
– Computer not required,
but related to crime
– Example: Extortion
• Associated
– New versions of old
crimes
– Example: Cash larceny
• Four-part system for
classifying computer
crime
• A specific crime may fit
more than one
classification
• The taxonomy provides
a useful framework for
discussing computer
crime in all types of
organizations.

11-6
Risks and threats
• Fraud
• Service interruption and delays
• Disclosure of confidential information
• Intrusions
• Malicious software
• Denial-of-service attacks
Please consult the
chapter for the full
list.

11-7
IT controls
Confidentiality
Data integrity Availability
C-I-A triad

11-8
IT controls
• Physical controls
Guards, locks, fire
suppression systems
• Technical controls
Biometric access
controls, malware
protection
• Administrative
controls
Password rotation policy,
password rules, overall
IT security strategy

11-9
COBIT
• Two main parts
– Principles
Five ideas that form the
foundation of strong IT
governance and
management
– Enablers
Seven tools that match the
capabilities of IT tools with
users’ needs
• Control Objectives for
Information and
Related Technology
• Information Systems
Audit and Control
Association (ISACA)
• Framework for IT
governance and
management

What's hot

Information and network security 5 security attacks mechanisms and servicesVaibhav Khanna

Fears and fulfillment with IT securityDavid Strom

Lesson 2MLG College of Learning, Inc

Information Assurance And Security - Chapter 3 - Lesson 3MLG College of Learning, Inc

Information and network security 4 osi architectureVaibhav Khanna

Computer Security Primer - Eric Vanderburg - JURINNOVEric Vanderburg

Cyber warGuro/ Pharmacy muse/ isang mamayan ng PIlipinas/ Social Scientist

IT Security ServicesOmar Toor

Cybersecurity and Academic ResearchChristian Schreiber, CISM, PMP

Ethical hackingWinay Choudhary

Networksjanani thirupathi

Introduction to Information SecurityDr. Loganathan R

BAIT1103 Course Overviewlimsh

Know Your Enemy: Verizon Data Breach Reportbmonday

Perpetual Information Security - Driving Data Protection in an Evolving Compl...SafeNet

Cyber Security Case Studies Moksha Kalyan Ram Abhiramula

Topic 5.0 basic security part 1Atika Zaimi

Information security razendar79

DARPA Project Memex Erodes PrivacyChris Furton

What's hot (19)

Information and network security 5 security attacks mechanisms and services

Fears and fulfillment with IT security

Lesson 2

Information Assurance And Security - Chapter 3 - Lesson 3

Information and network security 4 osi architecture

Computer Security Primer - Eric Vanderburg - JURINNOV

Cyber war

IT Security Services

Cybersecurity and Academic Research

Ethical hacking

Networks

Introduction to Information Security

BAIT1103 Course Overview

Know Your Enemy: Verizon Data Breach Report

Perpetual Information Security - Driving Data Protection in an Evolving Compl...

Cyber Security Case Studies

Topic 5.0 basic security part 1

Information security

DARPA Project Memex Erodes Privacy

Similar to Sppt chap011

Principles of Computer Security, Fourth Edition Copyright .docxharrisonhoward80223

cyberlaws and cyberforensics,biometricsMayank Diwakar

Lecture_10_AML_in_Network_Intrusion_Detection.pptxHetansheeShah2

Lecture_10_AML_in_Network_Intrusion_Detection (3).pptxAditi943522

Lecture_10_AML_in_Network_Intrusion_Detection.pptxTsegabrehanZerihun

Ajs 524 Enhance teaching-snaptutorial.comrobertleew4

Ajs 524 Effective Communication / snaptutorial.comHarrisGeorg5

AJS 524 Enhance teaching - tutorialrank.comLeoTolstoy17

AJS 524 Effective Communication/tutorialrank.comjonhson250

ch01.pptssuser5162c9

Ajs 524Believe Possibilities / snaptutorial.comStokesCope5

Ch14Roxanne2006

Ch14 091120101906-phpapp01Cleophas Rwemera

4777.team c.finalAlexisHarvey8

Cyber crimeRanjana Adhikari

AJS 524 Expect Success/newtonhelp.commyblue18

A01450131IOSR Journals

Computer forensics 1Jinalkakadiya

Computer ForensicsDiscussion 1Forensics Certifications Ple.docxdonnajames55

Cyber crime24sneha

Similar to Sppt chap011 (20)

Principles of Computer Security, Fourth Edition Copyright .docx

cyberlaws and cyberforensics,biometrics

Lecture_10_AML_in_Network_Intrusion_Detection.pptx

Lecture_10_AML_in_Network_Intrusion_Detection (3).pptx

Lecture_10_AML_in_Network_Intrusion_Detection.pptx

Ajs 524 Enhance teaching-snaptutorial.com

Ajs 524 Effective Communication / snaptutorial.com

AJS 524 Enhance teaching - tutorialrank.com

AJS 524 Effective Communication/tutorialrank.com

ch01.ppt

Ajs 524Believe Possibilities / snaptutorial.com

Ch14

Ch14 091120101906-phpapp01

4777.team c.final

Cyber crime

AJS 524 Expect Success/newtonhelp.com

A01450131

Computer forensics 1

Computer ForensicsDiscussion 1Forensics Certifications Ple.docx

Cyber crime

Recently uploaded

定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1

Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004

Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya

VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya

VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights

sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-9953056974 Low Rate Call Girls In Saket, Delhi NCR

VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4

Denver Web Design brochure for public viewingbigorange77

Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh

Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow

How is AI changing journalism? (v. April 2024)Damian Radcliffe

Call Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service9953056974 Low Rate Call Girls In Saket, Delhi NCR

定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs

10.pdfMature Call girls in Dubai +971563133746 Dubai Call girlsstephieert

Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4

Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝9953056974 Low Rate Call Girls In Saket, Delhi NCR

FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton

Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4

Recently uploaded (20)

定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一

Complet Documnetation for Smart Assistant Application for Disabled Person

Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery

VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...

VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room

sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-

VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata

Denver Web Design brochure for public viewing

Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝

Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip

How is AI changing journalism? (v. April 2024)

Call Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE

Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service

定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一

10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls

Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata

Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝

FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)

Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service

Sppt chap011

1. Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Chapter 11 Computer Crime and Information Technology Security

2. 11-2 Outline • Learning objectives • Carter’s taxonomy • Risks and threats • IT controls • COBIT

3. 11-3 Learning objectives 1. Explain Carter’s taxonomy of computer crime. 2. Identify and describe business risks and threats to information systems. 3. Discuss ways to prevent and detect computer crime. 4. Explain the main components of the CoBIT framework and their implications for IT security.

4. 11-4 Carter’s taxonomy • Target – Targets system or its data – Example: DOS attack • Instrumentality – Uses computer to further criminal end – Example: Phishing • Four-part system for classifying computer crime • A specific crime may fit more than one classification • The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

5. 11-5 Carter’s taxonomy • Incidental – Computer not required, but related to crime – Example: Extortion • Associated – New versions of old crimes – Example: Cash larceny • Four-part system for classifying computer crime • A specific crime may fit more than one classification • The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

6. 11-6 Risks and threats • Fraud • Service interruption and delays • Disclosure of confidential information • Intrusions • Malicious software • Denial-of-service attacks Please consult the chapter for the full list.

7. 11-7 IT controls Confidentiality Data integrity Availability C-I-A triad

8. 11-8 IT controls • Physical controls Guards, locks, fire suppression systems • Technical controls Biometric access controls, malware protection • Administrative controls Password rotation policy, password rules, overall IT security strategy

9. 11-9 COBIT • Two main parts – Principles Five ideas that form the foundation of strong IT governance and management – Enablers Seven tools that match the capabilities of IT tools with users’ needs • Control Objectives for Information and Related Technology • Information Systems Audit and Control Association (ISACA) • Framework for IT governance and management

10. 11-10 COBIT

11. 11-11 COBIT

12. 11-12