Chat with AI
Accounting Information Systems 7th Edition by Cynthia Heagy,Constance Lehmann
Edition 7ISBN: 978-1111219512Accounting Information Systems 7th Edition by Cynthia Heagy,Constance Lehmann
Edition 7ISBN: 978-1111219512 Exercise 16
One day, a user in the accounting department at Therion Company inadvertently entered an erroneous command and was surprised to see a display of the password file. It contained a complete list of all current passwords, the names and ID numbers of the individuals to whom the passwords were issued, and the tasks, files, and directories to which they had access. The information extended over several screens, with continuation commands allowing the viewer to study each screen in turn. The user recognized the potential value of the information and spent the next hour copying it down. Shortly after this incident, she quit her job and sold the information to MacGregor, Inc., a major competitor of Therion.
Over the next 2 years, personnel al MacGregor routinely accessed Therion's files over the telephone lines. The rival firm retrieved sensitive data on production and sales targets. It also made subtle changes to data that misled managers into making fault decisions on a number of occasions. The penetration went unnoticed until an employee of MacGregor finally placed an anonymous call to Therion's manager of information services.
Upon receipt of the call, all passwords were changed, but fearing adverse publicity and disciplinary action, the manager decided that the matter would be better hushed up. The assistant manager, the only other person to find out about the situation, was given a sizable raise to keep quiet. As a result, neither upper management nor the directors of the company ever learned of the problem.
Required:
Discuss the situation described and identify the control measures that should have been taken to (1) prevent the disclosure of the passwords, (2) prevent the exploitation of the disclosure, and (3) ensure that the situation could never have been concealed.
Over the next 2 years, personnel al MacGregor routinely accessed Therion's files over the telephone lines. The rival firm retrieved sensitive data on production and sales targets. It also made subtle changes to data that misled managers into making fault decisions on a number of occasions. The penetration went unnoticed until an employee of MacGregor finally placed an anonymous call to Therion's manager of information services.
Upon receipt of the call, all passwords were changed, but fearing adverse publicity and disciplinary action, the manager decided that the matter would be better hushed up. The assistant manager, the only other person to find out about the situation, was given a sizable raise to keep quiet. As a result, neither upper management nor the directors of the company ever learned of the problem.
Required:
Discuss the situation described and identify the control measures that should have been taken to (1) prevent the disclosure of the passwords, (2) prevent the exploitation of the disclosure, and (3) ensure that the situation could never have been concealed.
Explanation
Verified
Verified
In the present situation, an employee of...
Accounting Information Systems 7th Edition by Cynthia Heagy,Constance Lehmann
Why don’t you like this exercise?
Other Minimum 8 character and maximum 255 character
Character 255
