Professional Documents
Culture Documents
MIS Discussions and Assigments
MIS Discussions and Assigments
1) Work From Home being Exploited : The drift from working in office to working
virtually helped spreading the virus easily for the virtual private networks and their
service providers having weak security systems for themselves, less secured servers
and mail services. Attackers will continuously attack these systems and make them
vulnerable.
Reference:
https://www.forbes.com/sites/edwardsegal/2021/12/06/8-crystal-ball-predictions-
about-cyberattacks-in-2022/?sh=56300963257e
Discussion 3:
1) Ransomware attack is one of the common attacks which people neglect but
should be aware of. Attackers also mix more that one attack like DDoS. Other attacks
which end users should be aware of are credential theft,web-based attacks, account
takeover,compromised or stolen devices, zero-day attacks, general malware, SQL
injection, phishing/social engineering, cross-site scripting.
2) I would prefer Role based Access Control for UNCW because a institution will have
different level of committees and also students and employees. Few resources
should be accessible only with specific level of authorities, since role based access
control not only control which resources should be exposed to who but also how to
access the resources if it is being shared by two or more level of authorities.
4) I feel all the five steps in the RBAC implementation is very much necessary and
important as without each other, the implementation will not be successful. For
example, assigning the people into roles will not make sense if one does not know
whom to give what access which in turn does not make sense if one don’t know
which resources need to have access.
Discussion 5:
1) . Most MFA systems rely on possession factors like sim cards, ATM cards, key
cards, etc because even with the knowledge factor the problem of passwords prevail
as passwords can be easily breached and hackers will use number of tricks to try and
obtain passwords for online accounts.
3) I would suggest Okta Adaptive MFA would be suitable for small business with the
reasons being it is very simple to set up and use, it has single sign-on feature with
various MFA notification options.The main thing with passwords are their security,
and for Okta strong password is a no password at all i.e, it authenticates without a
password and it goes well with thousands of web apps.