COMPUTER SECURITY It is believed that the problem of computer security has changed over a period of time as businesses, thro

admin2011-02-08  30

问题                   COMPUTER SECURITY
    It is believed that the problem of computer security has changed over a period of time as businesses, through an increased use of information technology (IT), have become more and more dependent on information and the associated information systems (IS). However, at the same time, there has been limited change in the implemented security or safeguards to these information systems. In fact many executives or managers fail to even identify the relevant requirement for security or policies.
    A. The Internet has been roughly doubling in size every year, and the associated security incidents have been running in parity. Even if the percentage of malicious users is small, the increase in size of the Internet and in the number of incidents of failed security is significant. The importance of the growth in the Internet can be highlighted by the fact that in July 1991, 33% of Internet users were from the commercial sector, whereas in July 1996, this figure had risen to 50%.
    B. In 1988, the Morris "worm" was introduced on the Internet to invade, attack and replicate itself on the network. The response was to shut down E-mail and connectivity. However, the "fixes" were to be distributed via E-mail and so the solution was self-defeating. As a result of this worm virus, CERT (Computer Emergency Response Team) was formed, with the Australian version (AUSCERT) starting in 1992.
    C. One of the problems with Internet security is the fact that the incidents are increasing in sophistication. One of the reasons for this has been the increasing availability of toolkits. Although these toolkits are designed to assist computer systems designers to protect and develop their sites, they also allow relatively ignorant intruders to carry out increasingly complex incidents with the utilisation of many routers and disguises to reach their "target". According to a US Department of Defence report, less than 1% of incidents are identified but 65% of these are successful. Another thing to bear in mind with intruders and hackers is that they do not respect geographical or administrative boundaries, or time zones. They may be geographically dislocated from the point of attack and therefore operating in "off-duty" hours.
    D. The thing to remember with security is that the system administrators must get it fight all the time; the intruder must get it right just once. Evidence of this is easy to find. In 1997, a teenager hacked into a Bell Atlantic network. His hacking crashed the computer and resulted in 600 homes, a regional airport and emergency services being without telephone communications for six hours. And what was the punishment for this offence? Two years of probation, community service and a fine of US$5,000.
    E. Governments are getting tough on cyber crimes, especially in the wake of September 11th. These crimes are being linked to national security, which in the US is now of major concern to government officials and the general public alike. And the government has been swift to act. In late 2001, the US Patriot Act was introduced. This Act increased the maximum sentence for breaking into a computer from five to ten years. Then in July 2002, the House of Representatives approved the Cyber Security Enhancement Act. Now if a cyber crime results in the death of an individual, the offender could face a life sentence. There has been additional fall-out from the September 11th attacks with the FBI and other government security agencies dramatically escalating their monitoring of the Internet. This has pushed some hackers further underground, fearful that what they had previously been doing out of boredom or challenge could now be viewed as an act of terrorism.
    F. On the other hand, the events of September 11th have led to some ex-hackers using their extensive knowledge and experience to join forces with security forces to aid the fight against terrorism.
    G. However, even with the increased threats of punishment, computer viruses and incidents of hacking continue to be widespread. Long-time security measures which have been utilised by companies and individuals are not fail-safe. One of the more prevalent IS security measures is the use of firewalls, which "filter" the data entering/leaving the corporate IS. It is true that these firewalls have a number of advantages, nevertheless, they should not be seen as a panacea to all IS security woes, merely an enhancement. They can provide a false sense of security and have limited protection from internal attackers. In short, the corporate world needs to realise that computer security will be an on-going problem and expense.
Paragraph C ______

选项

答案VII

解析
转载请注明原文地址:https://kaotiyun.com/show/NOVO777K
0

最新回复(0)