Professional Documents
Culture Documents
6 Cryptography Describes the effective way of cryptography to protect the confidentiality, authenticity
and integrity of information.
7 Physical and Environmental Security Explains the importance of controlling the physical access from the unauthorized users
that can cause theft and damage.
8 Operations Security Clarifies that operation of information processing facilities need to be in proper and
safe way.
9 Communication Security Clarifies the rules and guidelines to protect the information in UMPNet Network.
10 Procurement, Development and Maintenance of Clarifies the rules and guidelines for the development and maintenance of the
University Application Systems university application system.
11 Relationships with Suppliers Includes procedures ensuring the services given has proper security aligned with the
agreement contract.
12 Information Security Incident Management Includes procedures to be followed by the UMP ICT assets users to ensure
incident is handled effectively and minimize security incidents.
13 Aspects of the Information Security Service Describes the importance of availability and continual services and operations
Continuity Management to delivered the users.
14 Compliance Describes the importance of increasing the ICT Security level to prevent the
violation of ICT Security Policy, criminal and civil law, and regulatory or
• Ethical issues in Social Network
– Statistic of Internet usage in UMP
(http://en.wikipedia.org/wiki/Computer_network)
• Pusat Teknologi Maklumat & Komunikasi (PTMK) is
responsible to control and maintain all network &
telecommunication devices in UMP campus.
Network
services used
for commercial
Allow other
person which is
Disturb any
not a UMP
user to access
Students or
the network
Staffs to use
services
UMP network
services
To keep safe
personal information
from un-authorized
party.
To ensure all
information in E-
Community apps is
correct
Do not attempt
unauthorized classified
information using UMP
network services
To report any
suspicious activities
that threats ICT
network security
Subject Registration week is an event where students need to register
subject for incoming semester via Open Registration in the Student e-comm.
Discussion :
1) Did the Student A do anything wrong?
2) Who were hurt by Student A course of action?
3) In your opinion, should this allowed?
3) What should PTMK do to overcome this?
UMP provide internet connectivity which dedicated to students and staffs 24 x
7. Staffs and students are enjoying the bandwidth to ensure their works,
assignments and learning activities done by the clock. However, Student B
use the internet bandwidth for his own personal interest like downloading
movies and music, video streaming and other bandwidth hogging stuffs .
Helpdesk received reports from other students who were complaining internet
was slow for their academic activities. PTMK Technical Team investigate this
and found a IP address which belong to Student B which was penetrated the
bandwidth beyond the limit.
Discussion :
1) Did the Student B conduct an ethical way to surf the net?
2) Are there better ways for Student B to accomplished his personal
interests?
3) If you act as PTMK; do you have any recommendation to prevent
this recurring?
UMP Gambang provide single node network at student residential area for
internet and intranet connection. To ensure this facility to be enjoyed by
students, they are allowed to bring their own network devices like switches.
However, students are prohibited from installing router-based devices. During
early semester, Student C bought a new device from Low Yatt and install it at
KK1.
Helpdesk received a report from certain segment users at KK1 who were
connected to the network but inaccessible to the webpages. Investigation
found that Student C was enabled her network device as a router and
distributing IP address which different from the official one.
Discussion :
1) Did the Student C do the wrong action?
2) Who will be harmed if UMP prohibit students from installing
switches?
3) What other course of action could Student C have taken to
ensure this not happened?
https://www.youtube.com/watch?v=t4JVAWopyqs
Requirement
Maintenance Analysis &
Design
Testing Implementation
C : One of the most
widely used
programming
languages of all
time,and C compilers
are available for the Java : Web Browser -
C# : A very popular majority of available Opera Mini, Google
language for computer architectures Maps, Gmail
designing large and operating systems.
distributed services
KIEMS
ACADEMIC MANAGEMENT SYSTEM
(Oracle Forms & Reports)
E-
COMMUNITY KIEMS
STAFF/ STUDENT SYSTEM Database
PELAJAR (Oracle Forms & Reports) (Oracle)
(Java)
KIEMS
HUMAN RESOURCE SYSTEM
(Oracle Forms & Reports)
OTHERS..
E-LEARNING, CENFED, TRAFFIC MONITORING ETC..
• Provide comprehensive services and facilities for
creating ICT-based environment
Audio Visual
Security
- CCTV
Computer -Card Access
Lab/BKDK
ICT
SERVICES
ICT Complaint
ICT Equipment Management System
Booking System
• Labs are fully equipped with:
Audio
Visual
LAB
Computers Internet
Teaching & Learning
Events (Manpower)
• MINDS (Minggu Induksi Siswa)
Others
• Video Conference
• Web Conference
4.) Do and Don’t in Physical System
(cont.)
Statistics for
overall complaint
in 2012
Please click to play video
Ethical Case Study
• Case A
Mr Gan was hit by a ransomware attack.
• 5000 files got locked by CryptoWall, an encryption
malware so powerful it is almost impossible to
recover the information.
• Mr Gan contacted the attacker through the
ransomware’s communication feature. As all
ransomware creators, he was told to either pay to
get his files back or lose them forever. Despite
backing up his files 6 months ago, He decided that
losing half a year’s worth of photos, documents and
other files was too much, and so decided to pay the
ransom.
• Question: What should Mr Gan do?
Some challenges of ICT usage among students are :