Organisational system security - The possible security issues which exist within the FilmPoster.com system

Authors Avatar

The possible security issues which exist within the FilmPoster.com system M1

DoS attack: a DoS attack is an attack a person that hacks a computer in an attempt to make computers resources unavailable to its intended users. Though DoS attacks motivation may be carried out for different reasons. Film posters have a web site used to sell movie posters to collectors and a DoS attack will be used by the attacker to prevent the film posters site from functioning efficiently, temporarily or indefinitely. Since film posters hold details of their customers, who have registered with the website, with websites that hold such information people that use DoS attacks target such sites or services hosted on web servers. The attack can be used to saturate the targets machine, such that it cannot respond to legitimate traffic, consume its resources so that it can no longer provide its intended service. They are so many different ways of using DoS attacks they basic types of attacks are, disruptions of physical network components, obstructing the communication media between the user and the film poster from communicating adequately. They can also use Permanent Denial of Service Attacks: a denial service attack attacks and damages a system so badly that it will require replacing or reinstalling the hardware.

 Phishing attackers; will attack filmposters.com website to acquire sensitive information such as customer’s usernames, passwords and credit card details, they would attack the website by using techniques such as Link manipulations method a form of a technical deception designed to make a link in an email and the spoofed websites that leads to the phisher. The link may appear to belong to film posters but leads t the phishers site. The other technique is phone phishing. Attackers that call customers claiming to be from film posters, for example an attacker can call a customer claiming to be calling from film posters, asking them to dial a number in regards to their details such as bank accounts and once the number has been dialled, the customer is told to enter their account details and PIN’s. Phishing is mainly carried out using email or instant messaging directing users to enter their details at a fake website created by the phisher which is identical to the legitimate website.

Join now!

M2 Explain the operation and effect of two Different threats involving gaining access to information without damage to data.

Denial services attack: denial service attacks prevent users from accessing a computer or a website, attempting to overload or shut down a service they usually attack and target web servers aiming to make a website unavailable and no longer accessible to the users. The most common way of attack used is by sending traffic and overloading a computer and using botnet to flood a web server with request. When attacked data is not stolen or compromised, but by making the ...

This is a preview of the whole essay

Here's what a star student thought of this essay

The report states the term 'DoS', however the report doesn't break down this term. The report should include something on the lines of 'DoS stands for 'Denial Of Service''. On the flip side, the report has explained this term. The report is aimed at FilmPoster.com, however the report hasn't included a screenshot to allow readers to visualize what the student is writing. This could be added, to enable the reader to visualize the report.

The report clearly describes what encryption is, and this is quite detailed. This is due t that the report states what is meant by the term, and explained how websites may undertake this process to prevent unauthorised access. However all the below sections are lacking detail. I believe that these were written in quite a rush, as these are not in-depth and do not explain each of the security measures.

In summary, there are some detailed understanding of security issues that FilmPoster could suffer from. However the student, I believe doesn't understand some aspects of this and there should undertake more background research to fill in the missing/in-complete sections. The DoS section is quite focused on how an attacker is able to make a website appear offline. In order to achieve high marks, the report could explain the effects of a number of consumers in more detail. For example the report could state 'If the website was suffering from a DoS attack, consumers may be placed at an disadvantage due to the inability to access the website. This could result in inconvenience for the consumer'. This would allow the report is to balanced, which shows an in-depth understanding of the different points of view. The report mentions how 'Phishing' is an attack on the website, this is in-correct. Phishing attacks are directly aimed at those consumer's of the website, via e-mails. As a e-mail may contain a link to a website which will look and operate similar with the actual website of FilmPoster. The difference is that the website will have a different URL. These websites are used, in order to acquire consumer's usernames and passwords then there login to the fake website.