...Principles of Information Security, 4th Edition 1 Chapter 1 1 Review Questions 1. What is the difference between a threat agent and a threat? A threat agent is the facilitator of an attack, whereas a threat is a category of objects, persons, or other entities that represents a potential danger to an asset. Threats are always present. Some threats manifest themselves in accidental occurrences and others are purposeful. Fire is a threat; however, a fire that has begun in a building is an attack. If an arsonist set the fire then the arsonist is the threat agent. If an accidental electrical short started the fire, the short is the threat agent. 2. What is the difference between vulnerability and exposure? Vulnerability is a weaknesses or fault in a system or protection mechanism that opens it to attack or damage. Exposure is a condition or state of being exposed. In information security, exposure exists when a vulnerability known to an attacker is present. 3. How is infrastructure protection (assuring the security of utility services) related to information security? The availability of information assets is dependent on having information systems that are reliable and that remain highly available. 4. What type of security was dominant in the early years of computing? In the early years of computing when security was addressed at all, it dealt only with the physical security of the computers themselves and not the data or...
Words: 4896 - Pages: 20
...Review Questions 1. What is the difference between a threat agent and a threat? A threat agent is a specific component that represents a danger to an organization’s assets. And a threat is an object, person or entity that represents a constant danger. 2. What is the difference between vulnerability and exposure? Vulnerability is a weakness is a system that leaves the system open to attacks. Exposure is the known vulnerabilities that make a system weak and open to attacks without protection. 3. How is infrastructure protection (assuring the security of utility services) related to information security? If the infrastructure of a network is exposed and accessible to anyone this leaves the network vulnerable to damage both to hardware and software. The infrastructure must be protected to allow only authorized user to have access to the network. 4. What type of security was dominant in the early years of computing? Physical security. 5. What are the three components of the C.I.A. triangle? What are they used for? Confidentiality, Integrity and availability are the three components of the C.I.A triangle. They are used as a standard for computer security. 6. If the C.I.A. triangle is incomplete, why is it so commonly used in security? The C.I.A triangle provides a basic standard of what is needed to keep information secured. 7. Describe the critical characteristics of information. How are they used in the study of computer security? Availability...
Words: 829 - Pages: 4
...Chapter 1 Assignmnet Ryan M. Kethcart INFOST-491 SEC-OL Exercises 1. Look up “the paper that started the study of computer security.” Prepare a summary of the key points. What in this paper specifically addresses security in areas previously unexamined? a. A paper titled the “Rand Report R-609” was sponsored by the Department of Defense and initiated the movement toward security that went beyond protecting physical locations. It attempted to define multiple controls and mechanisms necessary for the protection of a multilevel computer system; identifying the role of management and policy issues in computer security. This report/paper significantly expanded the scope of computer security to include the following: securing the data, limiting random and unauthorized access to said data, and involving personnel from multiple levels of the organization in matters pertaining to information security. 3. Consider the information stored on your personal computer. For each of the terms listed, find an example and document it: threat, threat agent, vulnerability, exposure, risk, attack, and exploit. a. Threat: i. Theft of Media b. Threat Agent: ii. Hacker (Ex: Ima Hacker) c. Vulnerability: iii. Unprotected system port d. Exposure: iv. Using a website monitored by malicious hackers, reveals a vulnerability – i.e. Unprotected system port e. Risk: v. Low level risk – The probability that...
Words: 790 - Pages: 4
...STUDY GUIDE Cyber Security 1. What is the difference between a threat agent and a threat? Threat: A category of objects, persons, or other entities that presents a danger to an asset. Threats are always present and can be purposeful or undirected. For example, hackers purposefully threaten unprotected information systems, while severe storms incidentally threaten buildings and their contents. Threat agent: The specific instance or a component of a threat. For example, all hackers in the world present a collective threat, while Kevin Mitnick, who was convicted for hacking into phone systems, is a specific threat agent. Likewise, a lightning strike, hailstorm, or tornado is a threat agent that is part of the threat of severe storms. 2. What is the difference between vulnerability and exposure? Vulnerability: A weaknesses or fault in a system or protection mechanism that opens it to attack or damage. Some examples of vulnerabilities are a flaw in a software package, an unprotected system port, and an unlocked door. Some well-known vulnerabilities have been examined, documented, and published; others remain latent (or undiscovered). Exposure: A condition or state of being exposed. In information security, exposure exists when a vulnerability known to an attacker is present. 3. How is infrastructure protection (assuring the security of utility services) related to information security? The organization needs to have clear parameters and set regulation when it...
Words: 894 - Pages: 4
...m/cards/136 20 58 What is the dif f erence between a threat and a threat agent? A threat is a constant danger to an asset, whereas a threat agent is the facilitator of an attack. What is the dif f erence between vulnerability and exposure? Vu l n e r a b i l i ty i s a fa u l t wi ti n th e s ys te m , s u ch a s s o ftwa r e p a cka g e fl a ws , u n l o cke d d o o r s o r a n u n p r o te cte d s ys te m p o r t. It l e a ve s th i n g s o p e n to a n a tta ck o r d a m a g e . Exp o s u r e i s a s i n g l e i n s ta n ce wh e n a s ys te m i s o p e n to d a m a g e . Vu l n e r a b i l i ti e s ca n i n tu r n b e th e ca u s e o f e xp o s u r e . Who has the def inition of hack evolved over the last 30 years? In te e a r l y d a ys o f co m p u ti n g , e n th u s i a s ts we r e ca l l e d h a cks o r h a cke r s , b e ca u s e th e y co u l d te a r a p a r t th e i n s tr u cti o n co d e o r e ve n th e co m p tu e r i ts e l f to m a n i p u l a te i ts o u tp u t. Th e te r m h a cke r a t o n e ti m e e xp r e s s e d r e s p e ct fo r a n o th e r s a b i l i ty. In r e ce n t ye a r s th e a s s o ci a ti o n wi th a n i l l i g a l a cti vi ty h a s n e g a ti vl y ti n g e d th e te r m . What type of security was dominant in the early years of computing? Early security was entirely physical security. C o n fi d e n ti a l i ty: In fo rma ti o n s s h o u l d o n l y b e a c c e s s i b l e to i ts i n te n d e d re c i p i e n ts ....
Words: 3982 - Pages: 16
...RAND Journal of Economics Vol. 33, No. 2, Summer 2002 pp. 298–318 Firm financial condition and airline price wars Meghan Busse∗ A firm that knows that cutting price may trigger a price war must weigh present versus future gains and losses when considering such a move. The firm’s financial situation can affect how it values such tradeoffs. Using data on 14 major airlines between 1985 and 1992, I test the hypothesis that firms in worse financial condition are more likely to start price wars. Empirical results suggest that this is true, particularly for highly leveraged firms. The article also explores which firms join existing price wars and finds that a firm is more likely to enter a price war the greater the share of its traffic on routes served by the price-war leader. 1. Introduction Economists’ explanations for price wars differ from those of other observers of the airline industry. Most economic models of price wars, which apply more generally than to the airline industry alone, have emphasized the role of fluctuations in demand. Changes in demand alter the expected profitability of undercutting a tacitly collusive equilibrium; depending on the assumptions made, the models predict that price wars occur either when demand booms or when it slumps. Industry insiders, meanwhile, identify the financial troubles of an individual carrier as an important motivation in initiating the fare cuts that trigger price wars. For example: [Mark Daugherty, airline industry analyst for Dean Witter]...
Words: 12544 - Pages: 51
...analysis in the study of organizational variables. Sociology, 1969, 3(2), 193-213. Litwin, G. H., & Stringer, R. A., Jr. Motivation and organizational climate. Boston: Harvard University Press, 1968. Mohr, L. B. Determinants of innovation in organizations. American Political Science Review, 1969, 63, 111-126. Palumbo, D. Power and role speciflcity in organization theory. Public Administration Review, 1969, 29, 237-248. Paolillo, J. G. Technological innovation in organizational R&D subsystems. Unpublished Ph.D. dissertation. University of Oregon, 1977. Paolillo, J. G., & Brown, W. B. How organizational factors affect R and D innovation. Research Management, 1978, 7, 12-15. Pritchard, R. D., & Karasick, B. W. The effects of organizational climate on managerial job performance and job satisfaction. Organizational Behavior and Human Performance, 1973, 9, 126-146. Rogers, E. M., & Eveland, J. D. Diffusion: Communication and innovation in organizations. In P. Kelly & M. Kranzbert (Eds.), Aspects of technological innovation. Atlanta: Advanced Technology and Science Studies, Georgia Institute of Technology, 1975, 301-368. Sapolsky, H. M. Organizational structure and innovation. The Journal of Business, 1967,40, 497-510. Vegso, R. W. Organizational characteristics that influence innovative behavior. Unpublished Ph.D. dissertation. University of Cincinnati, 1976. Zaltman, G., Duncan, R., & Holbeck, J. Innovations and organizations. New York: Wiley, 1973. Augustus Abbey is Assistant Professor...
Words: 3679 - Pages: 15
...ETHICS, PUBLIC POLICY, AND MEDICAL ECONOMICS A Systematic Review of Satisfaction with Care at the End of Life Sydney Morss Dy, MD, MSc,Ã wz Lisa R. Shugarman, PhD,§ Karl A. Lorenz, MD, MSHS,§ k Richard A. Mularski, MD, MSHS,# and Joanne Lynn, MD, MA, MS,§ for the RANDFSouthern California Evidence-Based Practice Center (See editorial comments by Dr. Jean S. Kutner, pp 160–162) The objective of this study was to systematically review the literature to better understand the conceptualization of satisfaction with end-of-life care and the effectiveness of palliative care interventions on this outcome. Data sources included Medline and the Database of Reviews of Effects. The review included relevant qualitative studies and intervention studies using satisfaction as an outcome from 1990 to 2005. Reviewing 24,423 citations yielded 21 relevant qualitative studies, four systematic reviews, and eight additional intervention studies. The qualitative literature described the domains of accessibility and coordination; competence, including symptom management; communication and education; emotional support and personalization of care; and support of patients’ decision-making. For collaboration and consultation interventions, eight of 13 studies showed a significant effect on satisfaction. A metaanalysis found that palliative care and hospice teams improved satisfaction, although most studies did not include satisfaction as an outcome. For other types of interventions, only two of six...
Words: 5607 - Pages: 23
...Affects of Multiple Deployments on Military Service Members and Families during Operation Iraqi Freedom (OIF) and Operation Enduring Freedom (OEF): Time Period 2001-2012 Gina Pagano-Briglin, MSW University of the Incarnate Word 3 December 2012 I. Introduction Since September 11, 2001, there have been significant changes in the security measures of air travel, financial security, but one of the most significant changes is that of military operations. The United States began combat operations in Iraq and Afghanistan on October 7, 2001 in response to the September 11, 2001 terrorist attacks officially referred to as Operation Enduring Freedom (OEF) and Operation Iraqi Freedom (OIF). Since October 2001, about 1.9 million service members have been deployed to Afghanistan and Iraq (Asbury & Martin, 2011). OEF/OIF has many unique features with regard to the military forces being sent to fight oversees. The all-volunteer military has experienced multiple deployments to the combat areas, with an increased use of the National Guard and Reserve Components, higher numbers of deployed women and parents of young children, and increases in the number of service members surviving severe injuries and other side effects from combat (Shaw & Hector, 2010). Service members may be subjected to more than one deployment. Studies show that overall about 40% of current military service members have been deployed more than once, with over one quarter serving...
Words: 7054 - Pages: 29
...Pearson, P. D., & Cervetti, G. N. (2013). The psychology and pedagogy of reading processes. In W. Reynolds, & G. Miller, (Eds.), Educational Psychology, V.VII, of Handbook of Psychology (2nd Ed) (pp. 507-554). New York: John Wiley & Sons. Chapter 12 The Psychology and Pedagogy of Reading Processes P. David Pearson and Gina Cervetti As we approach the monumental task of living up to the standard imposed by our predecessor, the late Michael Pressley, in writing the reading chapter for this, the seventh volume in the series of Handbooks of Psychology, we are both privileged and humbled by the opportunity of continuing the legacy of providing a comprehensive account of new theoretical and empirical contributions to reading research. Respectful of the cross-age approach that Pressley took in the last volume (account for progress of beginning readers, adolescent and adult readers— and along the way highlight some pedagogical processes that are salient at all levels, such as word recognition, vocabulary, and comprehension), we took a different approach. We decided to focus on reading as a fundamentally cognitive process that can be influenced by contextual forces at many levels, most notably for education, schools, and policy environments. Thus we deal with the fundamental psychological aspects of reading—word level processes (including subword processes such as phonological awareness and decoding, word reading, and vocabulary, with all of its entailments), and...
Words: 20526 - Pages: 83
...PURE GOLD TO BE THE LEADING MINING COMPANY To create value for our shareholders, our employees and our business and social partners through safely and responsibly exploring, mining and marketing our products. Our primary focus is gold and we will pursue value creating opportunities in other minerals where we can leverage our existing assets, skills and experience to enhance the delivery of value. Safety is our first value. We place people first and correspondingly put the highest priority on safe and healthy practices and systems of work. We are responsible for seeking out new and innovative ways to ensure that our workplaces are free of occupational injury and illness. We live each day for each other and use our collective commitment, talents, resources and systems to deliver on our most important commitment ... to care. We are accountable for our actions and undertake to deliver on our commitments. We are focused on delivering results and we do what we say we will do. We accept responsibility and hold ourselves accountable for our work, our behaviour, our ethics and our actions. We aim to deliver high performance outcomes and undertake to deliver on our commitments to our colleagues, business and social partners, and our investors. We treat each other with dignity and respect. We believe that individuals who are treated with respect and who are entrusted to take responsibility respond by giving their best. We seek to preserve people's dignity, their sense...
Words: 149499 - Pages: 598
...An analysis of research and literature on CREATIVITY IN EDUCATION Report prepared for the Qualifications and Curriculum Authority by Anna Craft March 2001 2 Contents Page Numbers 1.0 Introduction 1.1 Aims and purposes 1.2 Approach taken and areas covered 4 2.0 A summary of the research and literature on creativity 2.1 Historical overview 2.2 The early part of the twentieth century 2.3 More recent directions in creativity research 2.4 Lines of study stemming from the 1950s 2.4.1 Personality 2.4.2 Cognition 2.4.3 Ways to stimulate creativity 2.4.4 Creativity and social systems 2.5 Background to creativity in education 2.6 Broader claims for creativity in the curriculum 5-12 3.0 What do we mean by creativity? 3.1 Definitions or descriptions of creativity 3.2 High creativity 3.3 Ordinary, or ‘democratic’ creativity 13-15 4.0 The development of creativity in education 4.1 Research into the development of creativity in education 4.1.1 Comprehensive approaches 4.1.2 Educational approaches 4.1.3 Psychodynamic approaches 4.1.4 Humanistic approaches 4.1.5 Behaviourist approaches 4.2 Teaching approaches to developing creativity 4.2.1 ‘Creative cycle’ approaches 4.2.2 Single-strategy approaches 4.2.3 Multi-strategy approaches 4.2.4 System approaches 4.2.5 Overall pedagogic criteria approaches 16-22 3 5.0 Assessment and creativity 5.1 Recording and assessing creativity 23-24 6.0 Conclusions and key findings 6.1 High and democratic creativity ...
Words: 11902 - Pages: 48
...Annual Report 2009 Wits Gold Prospecting Rights in the Witwatersrand Basin, South Africa Witwatersrand Basin Johannesburg Carletonville Potchefstroom Goldfield Evander Klerksdorp Klerksdorp Goldfield Potchefstroom N 0 100 Km Welkom Southern Free State Goldfield Wits Gold Prospecting Rights Mining Leases Witwatersrand Basin Basement Rocks Disclaimer Certain statements in this directors’ report may constitute forward-looking information within the meaning of securities laws. In some cases, forward-looking information can be identified by use of terms such as “may”, “will”, “should”, “expect”, “believe”, “plan”, “scheduled”, “intend”, “estimate”, “forecast”, “predict”, “potential”, “continue”, “anticipate” or other similar expressions concerning matters that are not historical facts. Forward-looking information may relate to management’s future outlook and anticipated events or results, and may include statements or information regarding the future plans or prospects of the Company. Without limitation, statements about the timing of the pre-feasibility studies regarding the Company’s Bloemhoek project and De Bron project, the ability of the Company to manage its business risks, the sufficiency of capital to cover exploration and operating expenses, and other related statements are forwardlooking information. Forward-looking information involves known and unknown risks, uncertainties and other important factors that could cause the actual results,...
Words: 47489 - Pages: 190
...Acknowledgments ix Acknowledgments This book owes a great deal to the mental energy of several generations of scholars. As an undergraduate at the University of Cape Town, Francis Wilson made me aware of the importance of migrant labour and Robin Hallett inspired me, and a generation of students, to study the African past. At the School of Oriental and African Studies in London I was fortunate enough to have David Birmingham as a thesis supervisor. I hope that some of his knowledge and understanding of Lusophone Africa has found its way into this book. I owe an equal debt to Shula Marks who, over the years, has provided me with criticism and inspiration. In the United States I learnt a great deal from ]eanne Penvenne, Marcia Wright and, especially, Leroy Vail. In Switzerland I benefitted from the friendship and assistance of Laurent Monier of the IUED in Geneva, Francois Iecquier of the University of Lausanne and Mariette Ouwerhand of the dépurtement évangélrlyue (the former Swiss Mission). In South Africa, Patricia Davison of the South African Museum introduced me to material culture and made me aware of the richness of difference; the late Monica Wilson taught me the fundamentals of anthropology and Andrew Spiegel and Robert Thornton struggled to keep me abreast of changes in the discipline; Sue Newton-King and Nigel Penn brought shafts of light from the eighteenthcentury to bear on early industrialism. Charles van Onselen laid a major part of the intellectual foundations on...
Words: 178350 - Pages: 714
...TQM Outcomes Advocates of TQM are not in complete agreement on the factors that reflect the adoption of a TQM orientation. However, customer satisfaction, continuous improvement, and teamwork frequently are cited as core factors for TQM (Dean & Bowen, 1994; Morrow, 1997). However, Reed and Lemak (1998) expanded this to include empowerment and statistical process control, at the same time recognizing continuous improvement as one of the central TQM doctrines. For employees, a significant aim of TQM is the broadening of work responsibilities. The adoption of TQM requires employees to reconceptualize the boundaries of their jobs, reshape their attitudes toward quality, and engage in new behaviors. In essence, TQM blurs the boundary between previously defined in-role and extra-role behavior such that what were considered discretionary functional activities now become part of an individual's job, which he or she is expected to fulfill in a TQM environment. Waldman (1994) argued that work responsibilities in a quality culture would include "accomplishing tasks and taking initiatives above and beyond the call of duty, and sharing information with and helping co-workers" (p. 515). In terms of the key principles of TQM, employees are required to have a customer-focused orientation and develop attitudes and behaviors that reflect a commitment to customer service; a pervasive emphasis on collaboration and cooperative efforts between individuals and groups within organizations (Stone--...
Words: 8829 - Pages: 36