-
Jianhui Chen posted a new activity comment 7 years, 7 months ago
The news I shared today is about Malicious Ad Threat.
Attackers usually spread malicious ads across the advertising ecosystem by disguising to be a legitimate advertiser – and then later sneaking malicious code into the ads and past the security filters of the ad network without anyone noticing before they are published on famous websites.…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
1. What is segregation of duties and why is it a commonly used control? Give an example of two (e.g. IT) roles that should be segregated?
Segregation of duties is the concept of having more than one person required to complete a task. It is commonly used control because It ensures that there is oversight and review to catch errors. It helps to…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
The very nature of a DDoS attack is to aggregate many innocuous flows into a large and dangerous one. The essential nature of the attack is to overload the resources of the target. This means we need to master a new skill: managing network in overload. This is a problem faced by the military, since their networks are under active attack by an…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
I want to add the some approaches of how to evaluate the network capacity to your comments. .
1. Long-range views of average utilization: this will show a long-term trend of utilization, but the long-term view will average out those spikes of high utilization, thus hiding the problem.
2. Peak utilization, e.g. showing the busiest minute for…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Today what I shared is about the data breach as a result of stolen electronic device. It’s easier to steal a laptop than to hack a database. What the theft would do to hack your electronic device.
1. Physical access to the system. The most secured server in the world is rendered largely insecure when you let a hacker stand in front of it with…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
2. What is the relevance of only being able to have one posting period open at a time for real time postings? What does this prevent from happening?
You define posting periods in your fiscal year variants. You can open and close these posting periods for posting. As many periods as you require can be open for posting simultaneously.
Usually,…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Do you believe business rely too much on administrators to configure the security protocols in programs like SAP, rather than look for security in the entire network? Explain
I believe business should focus more on the security in programs like SAP. As the programs likes SAP stores and processes all this financial data, which means that you…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
How would you determine if an organization’s network capacity is adequate or inadequate? What impacts could be expected if a portion of an organization’s network capacity is inadequate?
Network capacity is the maximum capacity of a link or network path to convey data from one location in the network to another. Network capacity planning is a m…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
I read an article about The Islamic State is seeking the ability to launch cyberattacks against U.S. government and civilian targets in a potentially dangerous expansion of the terror group’s Internet campaign. The Flight communication system would be target as well, so It is necessary to make sure the systems safe,
Source:: h…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
The article I shared is ” 6 Ways Hackers Can Monetize Your Life.”
Cybercrime is a multi-billion dollar economy with sophisticated actors and a division of labor that includes malware authors, toolkit developers, hacking crews, forum operators, support services and “mules.” There are countless sites in the dark web that offer ways for hac…[Read more]
-
Jianhui Chen commented on the post, Weekly Question #7: Complete by November 10, 2016, on the site 7 years, 8 months ago
4. How important is it for people responsible for general I/T controls (e.g. Network, workstation, Server and data base security to know about how the ERP system works? What is one (1) specific thing they should know?
The general I/T people is important to know about how the ERP systems works to implement the effective controls to ensure the…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Controls are important to financial and accounting processes. What would be different in the controls of a purely domestic US company vs. an international company? Give 1 – 2 specific examples
I think the currency exchange rate and tax regulation mattered.
In terms of currencies the currency exchange rate fluctuated timely. Changes in e…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Are the terms Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) synonyms or are they different? If they are different, what are the differences?
From the endnote of What Every IT Auditor Should Know About Backup and Recovery, We can get that “BCP and DRP are deferent and separate”.
BCP is about the business continues to…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Assume you’re an outside organization with goal to cause negative things to happen to an organization’s Order to Cash (OTC) process. Where would you attack it? Explain Why and How
If I am outside the organization, I think I will focus on the vulnerability of shipping process as it is the easiest. Physically, I just hired some people int…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
What are the sources of Electromagnet Pulse (EMP)?
EMP is a short burst of electromagnetic energy. The sources EMP could be manmade such as directed energy weapons or nuclear blasts and naturally, and natural such as solar flares.
Why is it a physical security threat?
The role of physical security is to protect the physical assets that…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Assume the ‘One Piece at a Time’ video scenario could happen. If you are the operations manager responsible for the assembly line, what 1-2 key controls would you implement? Explain how the control addresses the risk.
In the video, we get that Mr. Cash can get any auto parts without any authrization, and after he steal it, and no body in…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
Using the Fraud Triangle analyze the ‘One Piece at a Time’ video scenario and explain how the environment was favorable to Fraud?
Pressure: Mr. Cash is eager to have a long black car, but he don’t have enough money, which motivates him to consider committing an illegal act to realize his goals.
Opportunity: Mr. Cash gets the trust from…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 8 months ago
what is OSI? and what is the function of each layer of OSI?
OSI is short for open system interconnection. It is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 8 months ago
What is the advantage of VPN?
Firstly, what is the VPN?
A Virtual Private Network (VPN) is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. VPNs are most often used by corporations to protect sensitive data.
Then, how it works?
VPN allows you to have your connection encrypted…[Read more] -
Jianhui Chen commented on the post, Weekly Question #8: Complete by November 2, 2017, on the site 7 years, 9 months ago
Which portion of the Order to Cash (OTC) process do they see as the most vulnerable to theft, fraud or failure of some kind? Explain.
I think delivery process is the most vulnerable. I think there is so many threats exploiting the vulnerability of delivery process. For example, if you live in a house, there is no one to receive the package when…[Read more]
- Load More