1. Discuss the difficulties in defending systems when there are delays in security updating products? 2....

1. Discuss the difficulties in defending systems when there are delays in security updating products?

2. Discuss the difficulties in defending against the availability and simplicity of attack tools.

Expert Solution

1. Below mentioned are the difficulties that are caused if there is any delay in updating security products :-

Universal connected device - If there is any delay in updates - then there might be chances that attackers from any part of the world can attack.
Speed of attack - Due to above mentioned reason, there will be increased amount of attack as well / speed will increase.
With the increase in technology, the attackers have also trained themselves to match the world. Attacking to a system is now not limited to highly skilled attackers. If there is delay in the updating the security products then there is a high chance that the low skilled attackers might evade the system.
Vulnerablity - Attackers might find it easy to attack the system if the system runs on old security paches,
Distribution of attacks - For 1 system, attackers use 1000 of systems to attack. Hence, a high risk is always there if there is any delay

Generally, when a software is launched in the market there are updates coming through to secure the software. As for example in the current times the malware attack has increased so much that the software vendors has stopped the old rule of following any traditional rule of fighting the viruses. Every month or, after some period of time there are software updates where software attack risks are reduced / potnetial threats are reduced

2. Coming on to the simplicity and availability of the attacking tools - In the past time when there was lesser threats of attack, one had to be technically skilled to attack to a system. Without proper knowledge it was impossible to attack any software, But in the current times, there are free softwares online/ market where a person can download and start attack any system without having any sort of technical knowledge. Tools are simple as well as readily available online - where any person can search, download and learn by their own and attack. Below graph shows the availability of the softwares in the internet with time.

venereology answered 1 year ago

What kind of difficulties there might be when creating an information security policy? What is required of them?

When would you expect the Social Security system to begin to experience difficulties, if any? Why?

discuss the fundamental difficulties encountered when researching the effectiveness of probation and parole.

1.Explain how agility can be incorporated into engineered products / systems. 5 marks 2.Discuss the process...

1.Explain how agility can be incorporated into engineered products / systems. 5 marks 2.Discuss the process whereby requirements in the RBS are allocated to the physical architecture. (Questions from System science and engineering)

1. Discuss factors that a company might look at when determining prices for its products. 2....

1. Discuss factors that a company might look at when determining prices for its products. 2. What are the advantages and disadvantages of target pricing versus cost-based pricing? 3. Why might a company price goods below costs?

1. In League of Legends, a player’s Effective Health when defending against physical damage is given...

1. In League of Legends, a player’s Effective Health when defending against physical damage is given by E = H(100 + A)/100 where H is health and A is armor. Health costs 2.5 gold per unit and Armor costs 18 gold per unit. Ten minutes into the game, you have 1080 health and 10 armor. You have only 720 gold to spend, and the health armor costs the same as before. Again, the goal is to maximize the effectiveness E....

Discussion Database Security and UML Often, systems have only one level of security when it comes...

Discussion Database Security and UML Often, systems have only one level of security when it comes to databases. Imagine that someone is trying to add a name (which should be composed only of letters) to a database. The user mistakenly hits a number, and the system rejects the entry. Such security can be implemented at the database management system (DBMS) or the application level. Where would you apply security? Justify your choice. What are some alternative practices or standards of...

Questions in Accounting Information Systems 1- What is the relationship between authorization and information security 2-...

Questions in Accounting Information Systems 1- What is the relationship between authorization and information security 2- What is the relationship between Internal Control and fraud 3- What is the relationship between double entry system and IT

Assess the relationships between continuous monitoring for 1) NIST Systems Security Engineering, SP 800-160, Systems Security...

Assess the relationships between continuous monitoring for 1) NIST Systems Security Engineering, SP 800-160, Systems Security Engineering and 2) IETF SACM. Consider for your Analysis and Conclusions utilizing the NIST enterprise levels: • Level 1: Organization • Level 2: Mission/Business Processes • Level 3: System

Answer the following questions 1- List some difficulties that may arise when analyzing multiple goals. 2....

Answer the following questions 1- List some difficulties that may arise when analyzing multiple goals. 2. List the reasons for performing sensitivity analysis. 3. Explain why a manager might perform what-if analysis. 4. Explain why a manager might use goal seeking. ****Please Please No hand writing ,And answer all the questions not part of them.THANKYOU in advance

Question