Information Management Systems - Essay Example

Information Technology (IT) The word botnet is derived from two English words, robot and network. A botnet can be described as a collection of programs connected via internet which communicate with other programs so as to perform certain tasks. Botnets have been used to for negative functions across the internet such as sending spam e-mails and participating in DDos attacks. However, botnets can also be used for positive and worthy courses across networks. This includes a very important role in controlling an IRC channel. Rootkits can be defined as stealthy and malicious software applications designed to hide the existence other processes and programs from being detected in normal methods. They are used to enable privileged access to computers for specific individuals. Rootkits are often associated with malwares. Rootkits can either be installed automatically in computer systems or they can be installed manually by attackers who gain access to computer network roots. This can lead to direct attacks by exploiting vulnerabilities such as password access through cracking. Once they have been installed, they can take full control of the system, modifying existing software and applications. Detection of rootkits is very difficult since they also attack software programs that are aimed at controlling them. They can however be detected using other trusted operating systems, signature scanning of computers, memory dump analysis, as well as other behavioral methods. Removal of rootkits after detection is a very complicated process and almost practically impossible, most especially if they attack the kemel. The only viable solution of removing them is through reinstallation of the operating system. Man in the middle attacks involves third parties on the internet making connections and sharing messages with other user on the network. The attacker can eaves drop communication between two people and get in the middle of the communication and takes control over it. This happens at Wi-Fi access points. Browser security refers to the application of internet security measures to web browsers so as to protect computer systems and data across networks from malware or from t=other third parties that may breach privacy of individuals using the internet. DLP in data security is an abbreviation for Data Loss Prevention. This refers to the various solutions aimed identifying and detecting any potential breach of data transmission or data ex-filtration and subsequently preventing such processes through monitoring and blocking sensitive data during end point actions (in-use), network traffic (in motion) and during rest (data storage). There are data loss prevention software applications that facilitate this process. If I were responsible for security of a small firm, I would definitely recommend Snort. This is because of its ability to prevent network intrusion as well as in system detection. The system is also developed by a renowned software developer, Sourcefire, hence the need to trust the workability of the application. The application has over 400, 000 users which makes it worth trying out. A SYN flood attack can be defined as a form of denial of service attack, where by the attacker send a multiple SYN requests to the targeted system in a bid to use enough resources on the server so as to make the system less responsive to legitimate traffic by the targeted users. This attack can be prevented through a variety of counter measures including filtering, firewalls and proxies, hybrid approaches, SYN cookies, increasing backlogs among others. LTE (Long Term Evolution) and WiMax are the emerging trends in technology for high speed mobile broadband internet service. Both technologies seem to have similar objectives of enabling connectivity to wireless data across the globe via mobile phones, laptops and other devices. The two technologies are being widely used in mobile technology due to their high speed connectivity as compared to the 3G network that was previously being used. There is a debate over which of these technologies is better than the other with certain manufactures and consumers preferring one over the other. The differences among them are very small considering that they are both highly effective technologies. Computer infrastructure has have increasingly come under threat from various sources. Some of them gain access through systems in conventional ways that can be prevented if adequate security measures are taken (Haag, Cummings, McCubbrey, Pinsonneult, and Donovan, 106). Access control can be used to improve security of infrastructure by preventing unauthorized individuals and applications from accessing the systems. Biometric analysis has so many advantages including the fact that individuals have certain unique features such as finger prints, voice, and eyes among others that can be used to enhance security by allowing only authorized personnel. The other advantage is that individuals do not need to memorize access codes as authorization is mainly done using their own bodies. Among the disadvantages include the fact that one’s unique features may be deformed such as fingerprints being affected by chemicals. This makes it hard for them to access certain places even though they have the authority. Ailments can also cause changes in an individual’s biological features including eyes and voice. Password hashing refers to the process of using cryptographic algorithm in convert passwords into a sting of fixed length characters referred to as fingerprints. The advantage of this is that it makes password more difficult to crack hence enhances security of systems by preventing unauthorized access. A digital certificate can be described as an attachment to any electronic message mainly used for purposes of security. Digital certificates are mostly used in cases where there is need to prove that users are who they claim to be when sending messages across networks. Individuals can send encrypted messages by getting authorization from the Certificates Authority (CA). A hot site is an example of a back up site which is a duplicate of the main site. It also has computer systems and an almost complete backup of the users’ data. In case of a disruption on the main site, the organization can easily relocate to the hot site (Haag, Cummings, McCubbrey, Pinsonneult, and Donovan, 156). Key risk mitigation strategies for this online business would include having a hot site, enabling hashing of user passwords, using digital certificate in cases where we suspect the authenticity of certain users among others. Work Cited Haag, Cummings, McCubbrey, Pinsonneult, and Donovan. (2004). Information Management Systems, For The Information Age. McGraw-Hill Ryerson. Print Read More