Chapter 8 Securing Information Systems 359
• Describe the function of risk assessment and explain how it is conducted for information systems.
• Define and describe the following: security policy, acceptable use policy, and identity management.
• Explain how MIS auditing promotes security and control.
4. What are the most important tools and technologies for safeguarding information resources?
• Name and describe three authentication methods.
• Describe the roles of firewalls, intrusion detection systems, and antivirus software in promoting security.
• Explain how encryption protects information.
• Describe the role of encryption and digital certificates in a public key infrastructure.
• Distinguish between fault tolerance and high-availability computing, and between disaster recovery planning and business continuity planning.
• Identify and describe the security problems posed by cloud computing.
• Describe measures for improving software quality and reliability.
Discussion Questions
1. Security isn’t simply a technology issue, it’s a business issue. Discuss.
2. If you were developing a business continuity plan for your company, where would you start? What aspects of the business would the plan address?
3. Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?