Organisational system security - The possible security issues which exist within the FilmPoster.com system
The possible security issues which exist within the FilmPoster.com system M1
DoS attack: a DoS attack is an attack a person that hacks a computer in an attempt to make computers resources unavailable to its intended users. Though DoS attacks motivation may be carried out for different reasons. Film posters have a web site used to sell movie posters to collectors and a DoS attack will be used by the attacker to prevent the film posters site from functioning efficiently, temporarily or indefinitely. Since film posters hold details of their customers, who have registered with the website, with websites that hold such information people that use DoS attacks target such sites or services hosted on web servers. The attack can be used to saturate the targets machine, such that it cannot respond to legitimate traffic, consume its resources so that it can no longer provide its intended service. They are so many different ways of using DoS attacks they basic types of attacks are, disruptions of physical network components, obstructing the communication media between the user and the film poster from communicating adequately. They can also use Permanent Denial of Service Attacks: a denial service attack attacks and damages a system so badly that it will require replacing or reinstalling the hardware.
Phishing attackers; will attack filmposters.com website to acquire sensitive information such as customer’s usernames, passwords and credit card details, they would attack the website by using techniques such as Link manipulations method a form of a technical deception designed to make a link in an email and the spoofed websites that leads to the phisher. The link may appear to belong to film posters but leads t the phishers site. The other technique is phone phishing. Attackers that call customers claiming to be from film posters, for example an attacker can call a customer claiming to be calling from film posters, asking them to dial a number in regards to their details such as bank accounts and once the number has been dialled, the customer is told to enter their account details and PIN’s. Phishing is mainly carried out using email or instant messaging directing users to enter their details at a fake website created by the phisher which is identical to the legitimate website.
This is a preview of the whole essay
Peer Reviews
Here's what a star student thought of this essay
Quality of writing
The report states the term 'DoS', however the report doesn't break down this term. The report should include something on the lines of 'DoS stands for 'Denial Of Service''. On the flip side, the report has explained this term. The report is aimed at FilmPoster.com, however the report hasn't included a screenshot to allow readers to visualize what the student is writing. This could be added, to enable the reader to visualize the report.
Level of analysis
The report clearly describes what encryption is, and this is quite detailed. This is due t that the report states what is meant by the term, and explained how websites may undertake this process to prevent unauthorised access. However all the below sections are lacking detail. I believe that these were written in quite a rush, as these are not in-depth and do not explain each of the security measures.
Response to question
In summary, there are some detailed understanding of security issues that FilmPoster could suffer from. However the student, I believe doesn't understand some aspects of this and there should undertake more background research to fill in the missing/in-complete sections. The DoS section is quite focused on how an attacker is able to make a website appear offline. In order to achieve high marks, the report could explain the effects of a number of consumers in more detail. For example the report could state 'If the website was suffering from a DoS attack, consumers may be placed at an disadvantage due to the inability to access the website. This could result in inconvenience for the consumer'. This would allow the report is to balanced, which shows an in-depth understanding of the different points of view. The report mentions how 'Phishing' is an attack on the website, this is in-correct. Phishing attacks are directly aimed at those consumer's of the website, via e-mails. As a e-mail may contain a link to a website which will look and operate similar with the actual website of FilmPoster. The difference is that the website will have a different URL. These websites are used, in order to acquire consumer's usernames and passwords then there login to the fake website.