Chat with AI
Accounting Information Systems 9th Edition by James Hall
Edition 9ISBN: 978-1133934400Accounting Information Systems 9th Edition by James Hall
Edition 9ISBN: 978-1133934400 Exercise 32
OPERATING SYSTEM RISKS AND CONTROLS
Listed here are four scenarios. For each scenario, discuss the potential consequences and give a prevention technique.
a. A company has recently installed a new computer network. The operating philosophy adopted by the new network administrator was to establish an open system that would foster work group data sharing, flexible access, and minimal inconvenience to the network users. To accomplish this objective, the data administrator assigned employee access privileges to data based on department and functional affiliation rather than specific tasks.
b. Mary is a system programmer who was told she would be terminated in 3 weeks due to poor performance and was asked to conclude all of her projects during that three-week period. Two weeks later Mary created a logic bomb designed to get activated 3 months after her departure. Subsequently, the bomb destroyed hundreds of records in her previous employer's accounts receivable invoice file.
c. Robert discovered a new sensitivity analysis public-domain program on the Internet. He downloaded the software to his laptop at home, which he also used at his office when connecting to the company's network. The program contained a virus that spread to the company's mainframe.
d. Murray, a trusted employee and a systems engineer, had access to both the network access control list and user passwords. The firm's competitor recently hired him for a large increase in salary. After leaving, Murray continued to browse through his old employer's data, such as price lists, customer lists, bids on jobs, and so on. He passed this information on to his new employer.
Listed here are four scenarios. For each scenario, discuss the potential consequences and give a prevention technique.
a. A company has recently installed a new computer network. The operating philosophy adopted by the new network administrator was to establish an open system that would foster work group data sharing, flexible access, and minimal inconvenience to the network users. To accomplish this objective, the data administrator assigned employee access privileges to data based on department and functional affiliation rather than specific tasks.
b. Mary is a system programmer who was told she would be terminated in 3 weeks due to poor performance and was asked to conclude all of her projects during that three-week period. Two weeks later Mary created a logic bomb designed to get activated 3 months after her departure. Subsequently, the bomb destroyed hundreds of records in her previous employer's accounts receivable invoice file.
c. Robert discovered a new sensitivity analysis public-domain program on the Internet. He downloaded the software to his laptop at home, which he also used at his office when connecting to the company's network. The program contained a virus that spread to the company's mainframe.
d. Murray, a trusted employee and a systems engineer, had access to both the network access control list and user passwords. The firm's competitor recently hired him for a large increase in salary. After leaving, Murray continued to browse through his old employer's data, such as price lists, customer lists, bids on jobs, and so on. He passed this information on to his new employer.
Explanation
Verified
Verified
Operating System Risks and Controls :
(a...
Accounting Information Systems 9th Edition by James Hall
Why don’t you like this exercise?
Other Minimum 8 character and maximum 255 character
Character 255
