SlideShare a Scribd company logo

IT Security and Risk Management - A - ST.docx

Download as DOCX, PDF
smumbahelp
smumbahelp

The document provides information about solved assignments available from professionals and contact details. It also contains sample questions and answers related to IT security topics like malware, cyber attacks targeting senior citizens, PayPal's security practices including their bug bounty program, and potential issues from security lapses in payment transactions.

Education
1 of 5
Dear students, get latest Solved assignments by professionals. Mail us at: help.mbaassignments@gmail.com Call us at: 08263069601 IT Security and Risk Management June 2022 Examination Q1. Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Explain the various types of malware and how is ransomware different from a virus/worm? (10 Marks) Ans 1. Introduction Viruses and other forms of harmful software can be covered under the umbrella term "malware." Cybercriminals commonly utilize it to gain facts from their victims that they'll then exploit to make money. From financial records to healthcare statistics to personal emails and passwords, the breadth of data that can be hacked has grown exponentially. The phrase "malicious software program" or "malicious software" is an umbrella period for any malicious program or code damaging to a computer. Assailants and
Q2. The estimated losses due to elder financial abuse range widely. The FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report shows that people 60 and older submitted more than 62,000 fraud complaints in 2018 with losses totaling nearly $650 million. Some less conservative sources estimate that fraud against seniors, or what’s known as elder financial exploitation (EFE), costs families in the U.S. upwards of $36 billion per year. Research shows that as seniors age, they’re more likely to sustain higher average losses to senior financial scams. Explain the most common types of attacks targeting senior citizens and suggest precautionary measures for them with reference to these attacks? (10 Marks) Ans 2. Introduction The trouble of cyber fraudsters preying on the elderly affects many countries. The elderly may be more liable to -bit scams than different age businesses. This makes them easy prey for criminals, who prey on the elderly, widows, and lonely grandparents. Different concerns come into play. Many older people have been overdue adopters of Q3. For a payment processing site , such as PayPal, security is of utmost important. In PayPal, more than 12 million payment transactions are processed on a daily basis, and this number rises to 15M million during peak days. Nowadays, PayPal has implemented a new and advanced approach to catching bugs and vulnerabilities in its website. This security feature was an add-on to a committed team of more than 2000 anti-fraud specialists who are responsible for taking care of the perimeter security. Each customer accountand payment transactions were monitored by the organisation 24/7 so that there is no fraudulent activity, email phishing and loss of identity.
Moreover, the security was also ensured by maintaining every communication between servers on SSL. However, in the case of any flaw in any of these security features, an alarm should be raised. Now, PayPal has contacted and assigned members who can work on bonus basis for the website security. These security researchers who are paid for identifying the bugs and possible vulnerabilities in PayPal’s website are known as bounty hunters. “There are a lot of security researchers, there are a lot of other people out there who are experts on security. We have a very successful bug bounty program, where researchers will find a vulnerability on our sites that we’ve missed,” explains Shivananda. Every bug spotter looks for his/her benefit in identifying bugs. Therefore, PayPal rewards these bounty hunters with the designation of a hero and their achievements portrayed on the ‘Wall of Fame’. In monetary terms, a huge amount is paid to them. PayPal pays $10,000 (about `6.5 Lakh) to identify a remote code of execution. In this case, the spotter of an authentication bypass vulnerability will get $3000 and the one working on cross-site scripting error would get $750. Many companies such as Facebook and eBay have involved the community for high- level security. Let’s understand the manner in which the bug bounty program introduced by PayPal works. First, a security researcher enters and submits a security bug on the PayPal portal. On its completion, the security professionals I working at PayPal test that vulnerability and checks whether or not it is a real issue. They also understand the fixes and communicates to the researcher saying “Yes, what you’ve submitted is a genuine issue. Thank you for that. We’re processing it, and as we process it, we’ll come back to you,” said Shivananda. After the bug is successfully closed, security researchers are entitled to compensation from PayPal. The following vulnerabilities are out-of-scope for PayPal: • Vulnerabilities based on social engineering techniques • Vulnerabilities based on brute force
The main objective of a payment processing company is to serve customers innovatively in 200 markets taking care of the fact that the losses are a third of one percent. Along with this, a huge amount of creativity has to be brought in designing the fraud eco-system. PayPal invests a lot of resources in analysing the transactions, account details, and ensuring that no fraudulent transaction is completed on their website. In fact, it’s surprising that PayPal has the least loss in the payment industry that is one-third of one percent. The combination of machine learning and data sciences on the massive data sets helped PayPal to attain the position where it can assure the customers regarding the safety of their transactions. “A loss rate of one-third of one percent is something we can brag about in the industry,” beams Shivananda a. Why PayPal thought of hiring bounty hunters? (5 Marks) Ans 3a. Introduction Moral hackers who uncover vulnerabilities in PayPal's software program and services were rewarded handsomely in the latest media reviews. As of March 2018, PayPal's most worm bounty payout has been raised to $30,000, a b. What type of issues can be faced by PayPal if there is some sort of security lapse in the customer payment transactions? (5 Marks) Ans 3b.
Introduction PayPal payments private limited ("PayPal"), an Indian corporation, and you've entered into this agreement to govern your use of your PayPal account and the PayPal offerings. A character has to be a minimum of 18 years of age and a resident of India to establish a PayPal account and utilize PayPal services. Discussion Customer pleasure can be similarly improved by multiplied dependability, processing speed, and authorization rates for PayPal customers. We offer nearby, cloud-based processing, industry- main reliability, and actual-time fee updates to Dear students, get latest Solved assignments by professionals. Mail us at: help.mbaassignments@gmail.com Call us at: 08263069601

Recommended

Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
Chukwunonso Okoro, CFE, CAMS, CRISC
 
Open Source Intelligence Overview
Open Source Intelligence OverviewOpen Source Intelligence Overview
Open Source Intelligence Overview
bpeacher
 
Leveraging Analytics to Combat Digital Fraud in Financial Organizations
Leveraging Analytics to Combat Digital Fraud in Financial OrganizationsLeveraging Analytics to Combat Digital Fraud in Financial Organizations
Leveraging Analytics to Combat Digital Fraud in Financial Organizations
Ricardo Ponce
 
Little book of cyber scams
Little book of cyber scamsLittle book of cyber scams
Little book of cyber scams
Eddie Hirst MSc MSyl
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
Matthew Pascucci
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
Ecommerce(2)
Ecommerce(2)Ecommerce(2)
Ecommerce(2)
ecommerce
 
E commerce
E commerceE commerce
E commerce
tamaraammari
 

Recommended

Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
Chukwunonso Okoro, CFE, CAMS, CRISC
 
Open Source Intelligence Overview
Open Source Intelligence OverviewOpen Source Intelligence Overview
Open Source Intelligence Overview
bpeacher
 
Leveraging Analytics to Combat Digital Fraud in Financial Organizations
Leveraging Analytics to Combat Digital Fraud in Financial OrganizationsLeveraging Analytics to Combat Digital Fraud in Financial Organizations
Leveraging Analytics to Combat Digital Fraud in Financial Organizations
Ricardo Ponce
 
Little book of cyber scams
Little book of cyber scamsLittle book of cyber scams
Little book of cyber scams
Eddie Hirst MSc MSyl
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
Matthew Pascucci
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
Ecommerce(2)
Ecommerce(2)Ecommerce(2)
Ecommerce(2)
ecommerce
 
E commerce
E commerceE commerce
E commerce
tamaraammari
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your Enemy
First Atlantic Commerce
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Rishi Singh
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
wlynn1
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
nimbleappgenie
 
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
Declan Winston Ramsaran
 
E commerce
E commerceE commerce
E commerce
tamaraammari
 
The 10 most trusted fraud detection solution providers 2019
The 10 most trusted fraud detection solution providers 2019The 10 most trusted fraud detection solution providers 2019
The 10 most trusted fraud detection solution providers 2019
Insights success media and technology pvt ltd
 
Building your-dream-cyber-team
Building your-dream-cyber-teamBuilding your-dream-cyber-team
Building your-dream-cyber-team
Kleomenis Symeon
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providers
Merry D'souza
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
Mark Albala
 
Fingerpay
FingerpayFingerpay
Fingerpay
Anand B
 
87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime
homeworkping4
 
The Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsThe Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBs
Protected Harbor
 
Secure Wall - how should companies protect themselves from cyber crime?
Secure Wall - how should companies protect themselves from cyber crime?Secure Wall - how should companies protect themselves from cyber crime?
Secure Wall - how should companies protect themselves from cyber crime?
Browne Jacobson LLP
 
ihegc012
ihegc012ihegc012
ihegc012
Maksym Schipka
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
thinkwithniche
 
Vodqa why cybersecurity
Vodqa why cybersecurityVodqa why cybersecurity
Vodqa why cybersecurity
Dileep Bellamkonda
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Celine George
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
dhanjurrannsibayan2
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
Esquimalt MFRC
 

More Related Content

Similar to IT Security and Risk Management - A - ST.docx

Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
wlynn1
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
Mark Albala
 
Fingerpay
FingerpayFingerpay
Fingerpay
Anand B
 
The Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsThe Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBs
Protected Harbor
 

Similar to IT Security and Risk Management - A - ST.docx (18)

Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your Enemy
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
 
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
 
E commerce
E commerceE commerce
E commerce
 
The 10 most trusted fraud detection solution providers 2019
The 10 most trusted fraud detection solution providers 2019The 10 most trusted fraud detection solution providers 2019
The 10 most trusted fraud detection solution providers 2019
 
Building your-dream-cyber-team
Building your-dream-cyber-teamBuilding your-dream-cyber-team
Building your-dream-cyber-team
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providers
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
Fingerpay
FingerpayFingerpay
Fingerpay
 
87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime
 
The Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsThe Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBs
 
Secure Wall - how should companies protect themselves from cyber crime?
Secure Wall - how should companies protect themselves from cyber crime?Secure Wall - how should companies protect themselves from cyber crime?
Secure Wall - how should companies protect themselves from cyber crime?
 
ihegc012
ihegc012ihegc012
ihegc012
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
 
Vodqa why cybersecurity
Vodqa why cybersecurityVodqa why cybersecurity
Vodqa why cybersecurity
 

Recently uploaded

1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
Association for Project Management
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
ssuserdda66b
 

Recently uploaded (20)

1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 

IT Security and Risk Management - A - ST.docx

  • 1. Dear students, get latest Solved assignments by professionals. Mail us at: help.mbaassignments@gmail.com Call us at: 08263069601 IT Security and Risk Management June 2022 Examination Q1. Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Explain the various types of malware and how is ransomware different from a virus/worm? (10 Marks) Ans 1. Introduction Viruses and other forms of harmful software can be covered under the umbrella term "malware." Cybercriminals commonly utilize it to gain facts from their victims that they'll then exploit to make money. From financial records to healthcare statistics to personal emails and passwords, the breadth of data that can be hacked has grown exponentially. The phrase "malicious software program" or "malicious software" is an umbrella period for any malicious program or code damaging to a computer. Assailants and
  • 2. Q2. The estimated losses due to elder financial abuse range widely. The FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report shows that people 60 and older submitted more than 62,000 fraud complaints in 2018 with losses totaling nearly $650 million. Some less conservative sources estimate that fraud against seniors, or what’s known as elder financial exploitation (EFE), costs families in the U.S. upwards of $36 billion per year. Research shows that as seniors age, they’re more likely to sustain higher average losses to senior financial scams. Explain the most common types of attacks targeting senior citizens and suggest precautionary measures for them with reference to these attacks? (10 Marks) Ans 2. Introduction The trouble of cyber fraudsters preying on the elderly affects many countries. The elderly may be more liable to -bit scams than different age businesses. This makes them easy prey for criminals, who prey on the elderly, widows, and lonely grandparents. Different concerns come into play. Many older people have been overdue adopters of Q3. For a payment processing site , such as PayPal, security is of utmost important. In PayPal, more than 12 million payment transactions are processed on a daily basis, and this number rises to 15M million during peak days. Nowadays, PayPal has implemented a new and advanced approach to catching bugs and vulnerabilities in its website. This security feature was an add-on to a committed team of more than 2000 anti-fraud specialists who are responsible for taking care of the perimeter security. Each customer accountand payment transactions were monitored by the organisation 24/7 so that there is no fraudulent activity, email phishing and loss of identity.
  • 3. Moreover, the security was also ensured by maintaining every communication between servers on SSL. However, in the case of any flaw in any of these security features, an alarm should be raised. Now, PayPal has contacted and assigned members who can work on bonus basis for the website security. These security researchers who are paid for identifying the bugs and possible vulnerabilities in PayPal’s website are known as bounty hunters. “There are a lot of security researchers, there are a lot of other people out there who are experts on security. We have a very successful bug bounty program, where researchers will find a vulnerability on our sites that we’ve missed,” explains Shivananda. Every bug spotter looks for his/her benefit in identifying bugs. Therefore, PayPal rewards these bounty hunters with the designation of a hero and their achievements portrayed on the ‘Wall of Fame’. In monetary terms, a huge amount is paid to them. PayPal pays $10,000 (about `6.5 Lakh) to identify a remote code of execution. In this case, the spotter of an authentication bypass vulnerability will get $3000 and the one working on cross-site scripting error would get $750. Many companies such as Facebook and eBay have involved the community for high- level security. Let’s understand the manner in which the bug bounty program introduced by PayPal works. First, a security researcher enters and submits a security bug on the PayPal portal. On its completion, the security professionals I working at PayPal test that vulnerability and checks whether or not it is a real issue. They also understand the fixes and communicates to the researcher saying “Yes, what you’ve submitted is a genuine issue. Thank you for that. We’re processing it, and as we process it, we’ll come back to you,” said Shivananda. After the bug is successfully closed, security researchers are entitled to compensation from PayPal. The following vulnerabilities are out-of-scope for PayPal: • Vulnerabilities based on social engineering techniques • Vulnerabilities based on brute force
  • 4. The main objective of a payment processing company is to serve customers innovatively in 200 markets taking care of the fact that the losses are a third of one percent. Along with this, a huge amount of creativity has to be brought in designing the fraud eco-system. PayPal invests a lot of resources in analysing the transactions, account details, and ensuring that no fraudulent transaction is completed on their website. In fact, it’s surprising that PayPal has the least loss in the payment industry that is one-third of one percent. The combination of machine learning and data sciences on the massive data sets helped PayPal to attain the position where it can assure the customers regarding the safety of their transactions. “A loss rate of one-third of one percent is something we can brag about in the industry,” beams Shivananda a. Why PayPal thought of hiring bounty hunters? (5 Marks) Ans 3a. Introduction Moral hackers who uncover vulnerabilities in PayPal's software program and services were rewarded handsomely in the latest media reviews. As of March 2018, PayPal's most worm bounty payout has been raised to $30,000, a b. What type of issues can be faced by PayPal if there is some sort of security lapse in the customer payment transactions? (5 Marks) Ans 3b.
  • 5. Introduction PayPal payments private limited ("PayPal"), an Indian corporation, and you've entered into this agreement to govern your use of your PayPal account and the PayPal offerings. A character has to be a minimum of 18 years of age and a resident of India to establish a PayPal account and utilize PayPal services. Discussion Customer pleasure can be similarly improved by multiplied dependability, processing speed, and authorization rates for PayPal customers. We offer nearby, cloud-based processing, industry- main reliability, and actual-time fee updates to Dear students, get latest Solved assignments by professionals. Mail us at: help.mbaassignments@gmail.com Call us at: 08263069601