MANAGEMENT INFORMATION SYSTEM : COMPUTER HARDWARE, SOFTWARE, NETWORKING AND INFORMATION SECURITYvvvv

P a g e | 1

P a g e | 2 Authors NUREDZAN BINTI ZALUDIN MOBIL BIN SAHRAN DZULKIPLI BIN MARASAN POLITEKNIK KUCHING SARAWAK MINISTRY OF HIGHER EDUCATION KM22, JALAN MATANG, 93050 KUCHING, SARAWAK. Phone No. : (082) 845596/7/8 Fax No. : (082) 845023 E-mail : [email protected] Website : http://www.poliku.edu.my/ Copyright © 2022 Politeknik Kuching Sarawak e ISBN 978-967-2953-58-6 All rights reserved. No parts of this publication may be copied, stored in form or by any means, electronic, mechanical, photocopying and recording or otherwise or by any means for reproduced without the prior permission of Politeknik Kuching Sarawak. National Library of Malaysia Cataloguing-in-Publication Data Nuredzan Zaludin MANAGEMENT INFORMATION SYSTEM : COMPUTER HARDWARE, SOFTWARE, NETWORKING AND INFORMATION SECURITY / NUREDZAN ZALUDIN, MOBIL SAHRAN, DZULKIPLI MARASAN. Mode of access: Internet eISBN 978-967-2953-58-6 1. Management information systems. 2. Information technology. 3. Management--Communication systems. 4. Government publications--Malaysia. 5. Electronic books. I. Mobil Sahran. II. Dzulkipli Marasan. III. Title. 658.4038011 Penyusun grafik/ilustrasi : Nuredzan Zaludin Published by: Politeknik Kuching Sarawak Ministry Of Higher Education

P a g e | 3 PREFACE This book will introduce students to the basic knowledge of Management Information System such as Computer Hardware, Computer Software, Networking and Information Security. By reading this book, besides learning theoretical, students will have better understanding on Management Information System basics with guided of related pictures and graphics. The book also presents students with colourful pictures, graphics and fonts that can lift the mood of students to learn this subject with more fun. The author hopes that this book is also one of the approaches for students who are still new to learn the basics of Management Information Systems such as hardware, software, networking and information security.

P a g e | 4 ACKNOWLEDGEMENT First of all, thanks to the Head of the Department of Commerce, Mrs. Normala Binti Jaya for giving the opportunity to publish this book, Program Coordinator, Mrs. Sharifah Mahani Binti Syid Issimi for supporting the writing of this book, Polytechnic and Community College e-Learning Committee Members for organizing eDOLA programs and activities at the polytechnic and community college levels as well as encouraging polytechnic and community college academicians to publish books electronically, Kuching Sarawak Polytechnic library for their guidance in the book publishing process and last but not least our family members, colleagues and anyone directly and indirectly involved for giving support to write and publish this book.

P a g e | 5 TABLE OF CONTENTS CONTENTS PAGES 1.0 The computer hardware 8 1.1 Input and output devices 8 1.2 Processing device 11 1.3 Storage device 13 1.4 Communication device 14 1.5 Types of Computer Hardware 14 a. Personal computers 14 b. Other digital devices 15 2.0 The computer software 24 a. Cloud Computing 24 b. Open- Source Software 26 2.1 System software 27 a. Operating software 27 b. Application software 29 c. Utility Software 31 3.0 The basic of networking 35 3.1 Describe types of network 35 a. Local area network (LAN) 38 b. Campus area network (CAN) 39 c. Metropolitan area network (MAN) 40 d. Wide area network (WAN) 40 e. Internet 41 f. World wide web 42

P a g e | 6 4.0 Threats to Information Security 45 4.1 Identify malicious software 45 a. Viruses 45 b. Worms 45 c. Trojan horses 45 d. Spyware 46 4.2 The Computer Crime 46 a. Hackers 47 b. Spoofing and sniffing 47 c. Denial of Service Attack 48 d. Identity theft 49 e. Click fraud 49 f. Cyber terrorism and cyber warfare 49 4.3 The basic of information security 50 4.3.1 Information systems controls 50 a. General controls 52 b. Application controls 52 4.3.2 Information resources controls 52 a. Authentication 52 b. Firewalls 54 c. Intrusion detection system 55 d. Antivirus and antispyware software 56 e. Unified threat management system 57 References 59

P a g e | 7

P a g e | 8 1.0 The Computer Hardware Hardware means the physical components of a computer that perform the input, processing, storage, and output activities of the computer as shown in Figure 1.1. Figure 1.1 Computer Hardware 1.1 Input and Output Devices Part of a computer’s user interface, which includes other hardware devices and software that allow you to interact with a computer system are called input and output devices. When selecting input and output devices, an organization should keep their business goals in mind as with other computer system components. Communication Devices Input Devices Output Devices Secondary Storage Memory (Primary Storage) Control Unit Arithmetic Logic Unit Processing Devices

P a g e | 9 Input means data entered into a computer through an input device for example, when you send message through email, data that entered by typing the message using keyboard as an input device is called an input. The input devices consists of mouse, keyboard, scanner, barcode reader, printer, digital camera, trackball and microphone as shown in Figure 1.2. Figure 1.2 Input Devices

P a g e | 10 Output means data entered by the user that can be seen from output devices, for example message receive from email and can be seen through the monitor. The output devices consists of laser printer, 2D cutter, LCD screen, speaker, 3D printer, inkjet printer, headphone and projector as shown in Figure 1.3. Figure 1.3 Output Devices

P a g e | 11 1.2Processing Device A part of processing device that ability to process (organize and manipulate) data is called Central Processing Unit (CPU) where it is a critical aspect of a computer system, in which processing is accomplished by an interplay between one or more of the central processing units and primary storage as shown in Figure 1.3. Figure 1.3 Central Processing Unit Memory devices contain thousands of circuits imprinted on a silicon chip as shown in Figure 1.4. Each circuit is either conducting electrical current (on) or not (off). Data is stored in memory as a combination of on or off circuit states. Figure 1.4 Random Access Memory (RAM)

P a g e | 12 Random Access Memory (RAM) can store instructions or data temporarily. RAM is temporary and volatile. If the current is turned off or disrupted (as in a power surge, brownout, or electrical noise generated by lightning or nearby machines), RAM chips will lose their contents. Figure 1.5 Read Only Memory (ROM) Another type of memory, which is called Read-only memory (ROM), is usually non-volatile. In ROM, the combination of circuit states is fixed, and therefore if the power is removed its contents are not lost. ROM provides permanent storage for data and instructions that do not change, such as programs and data from the computer manufacturer, including the instructions that tell the computer how to start up when power is turned on.

P a g e | 13 1.3Secondary Storage Figure 1.6 Secondary Storage The CPU requires a small amount of storage area for processing the data and instructions for processing. Secondary storage, also called permanent storage is also needed by computer system to store larger amounts of data, instructions, and information more permanently than main memory allows. Secondary storage consists of hard disk, floppy disk, compact disk (CD), flash drive, memory card, external hard disk and others as shown in Figure 1.6

P a g e | 14 1.4Communication Device Computer modem is the best example of a communication device, which is capable of sending and receiving a signal to allow computers to talk to other computers over the telephone. Network Interface Card (NIC), Wi-fi devices, and an access point are other examples of communication devices as in Figure 1.7. Figure 1.7 Communication devices 1.5 Types of Computer Hardware The computer hardware consists of personal computer and other digital devices. a) Personal Computer Computer that is operated by a single user who can customize the functions to match personal preferences. The most common devices used for entry of data such as characters, text, and basic commands are keyboard and computer mouse. Newer keyboards that are more comfortable, adjustable, and faster to use have been developed by some companies.

P a g e | 15 b)Digital Devices Digital Devices consists of smartphone, personal digital assistant (PDA), Handheld (ultra portable, pocket) computer, tablet computer, desktop computer, workstation computer, minicomputer (server), mainframe computer and super computer i) Smartphone A cellular telephone with a keypad that runs programs, music, photos, and email and includes many features of a PDA. Figure 1.8 Smartphone ii) Personal digital assistant (PDA) A small handheld computer that performs simple tasks such as taking notes, scheduling appointments, and maintaining an address book and a calendar. The PDA screen is touch-sensitive, allowing a user to write directly on the screen, capturing what is written.

P a g e | 16 Figure 1.9 Personal digital assistant (PDA) iii) Handheld (ultra-portable, pocket) computer Computer portable enough to fit in a purse or pocket and has its own power source or battery. Figure 1.10 Handheld (ultra portable, pocket) computer iv)Tablet computer Computer with a flat screen that uses a mouse or fingertip for input, instead of a keyboard. Similar to PDAs, tablet PCs use a writing pen or stylus to write notes on the screen and touch the screen to perform functions such as clicking on a link while visiting a website.

P a g e | 17 Figure 1.11 Tablet Computer v) Desktop computer Computer that sits on, next to, or under a user’s desk and is too large to carry around. The computer box is where the CPU, RAM, and storage devices are held with a monitor on top, or a vertical system box (called a tower) usually placed on the floor within a work area. Figure 1.12 Desktop Computer

P a g e | 18 vi)Workstation computer Similar to a desktop but has more powerful mathematical and graphics processing capabilities and can perform more complicated tasks in less time. Typically used for software development, web development, engineering, and e-business tools. Figure 1.13 Workstation Computer vii) Minicomputer (server) Also known as mid-range server. Designed to meet the computing needs of several people simultaneously in a small to medium-size business environment. A common type of minicomputer is a server and is used for managing internal company applications, networks, and websites.

P a g e | 19 Figure 1.14 Minicomputer (server) viii) Mainframe computer Designed to meet the computing needs of hundreds of people in a large business environment. Mainframe computers are a step up in size, power, capability, and cost from minicomputers. Figure 1.15 Mainframe Computer

P a g e | 20 ix) Supercomputer The fastest, most powerful, and most expensive type of computer. Supercomputers have been employed by organizations such as NASA that are heavily involved in research and number crunching because of the speed with which they can process information. Other large, customer-oriented businesses such as General Motors and AT&T employ supercomputers just to handle customer information and transaction processing. Figure 1.16 Supercomputer

P a g e | 21 Tutorial 1 1. _______________ refers to the physical components of a computer that perform the input, processing, storage, and output activities of the computer. 2. ______________ refers to controlling process of the computer hardware operations. One of the most critical functions of systems software. Systems software also supports the application programs’ problem-solving capabilities. Different types of systems software include operating systems and utility programs. 3. What are types of hardware for the following: a. Input devices i. ii. iii. b. Processing devices i. ii. iii. c. Output devices i. ii. iii. d. Communication devices i. ii. iii. e. Secondary storage i. ii. iii.

P a g e | 22 4. Briefly describe the digital devices in computer hardware. a. b. c. d. e. f. g. h. i. j.

P a g e | 23

P a g e | 24 2.0 The Computer Software a) Cloud Computing The delivery of computing services such as servers, storage, databases, networking, software, analytics, intelligence and more, over the Cloud (Internet) is called Cloud Computing. Figure 2.1 A software package is a prewritten commercially available set of software programs that eliminates the need for a firm to write its own software programs for certain functions, such as payroll processing or order handling. Enterprise application software vendors such as SAP and Oracle- People Soft have developed powerful software packages that can support the primary business processes of a firm worldwide from warehousing, customer relationship management, and supply chain management, to finance and human resources.

P a g e | 25 Figure 2.2 Cloud Computing An easily accessible online portal has been provided by the cloud environment that makes handy for the user to manage the compute, storage, network and application resources. Some cloud service providers are such as Google Cloud Platform, IBM Cloud, Amazon Web Services and so on. Figure 2.3 Cloud Environment

P a g e | 26 b) Open-source software Software produced by a community of several hundred thousand programmers around the world is called Open source software. According to the leading open source professional association, users can modify opensource.org and open source software freely. Works derived from the original code must also be free, and the software can be redistributed by the user without additional licensing. Example of Open Source Software are such as Ubuntu, Word Press, Joomla, Android and others as shown in Figure 2.4. Figure 2.4 Open Source Software

P a g e | 27 2.1 System Software Software can be divided into several types such as operating software, Application, and Utility as per shown below. a) Operating Software MS-DOS The standard, single-user operating system of IBM and IBMcompatible computers, introduced in 1981. MS-DOS is a command-line operating system that requires the user to enter commands, arguments, and syntax. Microsoft Windows Generic name for the various operating systems in the Microsoft Windows family, including Microsoft Windows CE, Microsoft Windows, Microsoft Windows ME, Microsoft Windows, Microsoft Windows XP, Microsoft Windows NT, and Microsoft Windows Server. Mac OS X The operating system of Macintosh computers. Linux An open source operating system that provides a rich environment for high-end workstations and network servers. Open source refers to any program whose source code is made available for use or modification as users or other developers see fit. UNIX A 32-bit multitasking and multiuser operating system that originated at AT&T’s Bell Laboratories and is now used on a wide variety of computers, from mainframes to PDAs.

P a g e | 28 Figure 2.5 Operating Software

P a g e | 29 b) Application Software Browser Enables the user to navigate the World Wide Web. The two leading browsers are Netscape Navigator and Microsoft Internet Explorer. Communication Turns a computer into a terminal for transmitting data to and receiving data from distant computers through the telephone system. Data management Provides the tools for data retrieval, modification, deletion, and insertion; for example, Access, MySQL, and Oracle. Desktop publishing Transforms a computer into a desktop publishing workstation. Leading packages include Adobe FrameMaker, Adobe PageMaker, and QuarkXpress. Email Provides email services for computer users, including receiving mail, sending mail, and storing messages. Leading email software includes Microsoft Outlook, Microsoft Outlook Express, and Eudora. Groupware Increases the cooperation and joint productivity of small groups of co-workers. Presentation graphics Creates and enhances charts and graphs so that they are visually appealing and easily understood by an audience. A full-features presentation graphics package such as Lotus Freelance Graphics or Microsoft PowerPoint includes facilities for making a wide variety of charts and graphs and for adding titles, legends, and explanatory text anywhere in the chart or graph. Programming Possesses an artificial language consisting of a fixed vocabulary and a set of rules (called syntax) that programmers use to write computer programs. Leading programming languages include Java, C ++, C#, and .NET.

P a g e | 30 Figure 2.6 Application Software Spreadsheet Simulates an accountant’s worksheet on-screen and lets users embed hidden formulas that perform calculations on the visible data. Many spreadsheet programs also include powerful graphics and presentation capabilities to create attractive products. The leading spreadsheet application is Microsoft Excel. Word processing Transforms a computer into a tool for creating, editing, proofreading, formatting, and printing documents. Leading word processing applications include Microsoft Word and WordPerfect.

P a g e | 31 c) Utility Software Crash-proof Helps save information if a computer crashes. Disk image for data recovery Relieves the burden of reinstalling applications if a hard drive crashes or becomes irretrievably corrupted. Disk optimization Organizes information on a hard disk in the most efficient way. Encrypt data Protects confidential information from unauthorized eyes. File and data recovery Retrieves accidental deletion of photos or documents. Textprotect In Microsoft Word, prevents users from typing over existing text after accidentally hitting the Insert key. Launch the Insert Toggle Key program, and the PC will beep whenever a user presses the Insertkey. Preventive security Through programs such as Window Washer, erases file histories,Browser cookies, cache contents, and other crumbs that applications and Windows leaveona hard drive. Spyware Removes any software that employs a user’s Internet connection in the back-ground without the user’ knowledge or explicit permission. Uninstaller Can removesoftwarethatisno longerneeded.

P a g e | 32 Figure 2.7 Utility Software

P a g e | 33 Tutorial 2 1. Explain the following computer software. i. Cloud computing ii. Open source software. 2. What are the THREE types of software i. ii. iii. 3. List down the application software that you know. i. ii. iii. iv. v. 4. List down the utility software that you know. i. ii. iii. iv. v. 5. List down the operating software that you know. i. ii. iii. iv. v.

P a g e | 34

P a g e | 35 3.0 The Basic of Networking 3.1 The Communication Network and Types of Network 3.1.1 Definition of Network A network consists of two or more connected computers. a client computer and a dedicated server computer, network interfaces, a connection medium, network operating system software, and either a hub or a switch. Each computer on the network contains a network interface device to link the computer to the network. 3.1.2 Simple Communication Network The network operating system (NOS) routes and manages communications on the network and coordinates network resources. It can reside on every computer in the network, or it can reside primarily on a dedicated server computer for all the applications on the network. A computer on a network that performs important network functions for client computers, such as serving up Web pages, storing data, and storing the network operating system (and hence controlling the network) is called a server computer. Figure 3.1 Simple Communication Network

P a g e | 36 Most networks also contain a switch or a hub acting as a connection point between the computers. A very simple devices that connect network components, sending a packet of data to all other connected devices are called hubs. A switch has more intelligence than a hub and can filter and forward data to a specified destination on the network. Router is needed if want to communicate with another network, such as the Internet. A new networking approach in which many of these control functions are managed by one central program is called Software-defined networking (SDN), which can run on inexpensive commodity servers that are separate from the network devices themselves. This is especially helpful in a cloud computing environment because it allows a network administrator to manage traffic loads in a flexible and more efficient manner with many different pieces of hardware. Figure 3.2 Software-defined networking (SDN)

P a g e | 37 3.1.3 The Communication Network 3.1.3.1 Analog Signal An analog signal is represented by a continuous waveform that passes through a communications medium and has been used for voice communication. The telephone handset, the speaker on your computer, or your ipod earphone, all of which create analog waveforms that your ear can hear are the most common analog devices. 3.1.3.2 Digital Signal A digital signal is a discrete, binary waveform, rather than a continuous waveform. Digital signals communicate information as strings of two discrete states: one bit and zero bits, which are represented as on-off electrical pulses. Computers use digital signals and a modem is required to convert these digital signals into analog signals that can be sent over (or received from) telephone lines, cable lines, or wireless media that use analog signals. Figure 3.3 The Communication network. Analog and Digital functions

P a g e | 38 3.1.4 Types of Network 3.1.4.1 Local Area Network (LAN) A Local Area Network (LAN) is designed to connect personal computers and other digital devices within a half- mile or 500-meter radius. LAN typically connect a few computers in a small office, all the computers in one building, or all the computers in several buildings in close proximity. One computer is a dedicated network file server, providing users with access to shared computing resources in the network, including software programs and data files. The router connects the LAN to other networks, which could be the internet or another corporate network, so that the LAN can exchange information with networks external to it. Windows, Linux, and Novell are the most common LAN operating systems where each of these network operating systems supports TCP/IP as their default networking protocol. LANs may use a peer-to-peer architecture. A peer-to-peer network treats all processors equally and is used primarily in small networks with 10 or fewer users. Data can be exchanged by the various computers on the network with direct access and can share peripheral devices without going through a separate server.

P a g e | 39 Figure 3.4 Local Area Network (LAN) 3.1.4.2 Campus Area Network (CAN) A computer network that links the buildings and consists of two or more local area networks (LANs) within the limited geographical area is called a Campus Area Network (CAN). It can be the college campus, enterprise campus, office buildings, military base, industrial complex. Figure 3.5 Campus Area Network

P a g e | 40 3.1.4.2 Metropolitan Area Network (MAN) A network that spans a metropolitan area, usually a city and its major suburbs is called a metropolitan area network (MAN). Its geographic scope falls between a Wide Area Network (WAN) and a Local Area Network (LAN). Figure 3.6 Metropolitan Area Network 3.1.4.3 Wide area network (MAN) Wide Area Networks (WANs) span broad geographical distances such as the entire regions, states, continents, or the entire globe. Internet is the most universal and powerful WAN. Computers connect to a WAN through public networks, such as the telephone system or private cable systems, or through leased lines or satellites.

P a g e | 41 Figure 3.7 Wide Area Network 3.1.4.4 Internet The Internet has become the world’s most extensive, public communication system that now rivals the global telephone system in reach and range. It’s also the world’s largest implementation of client/server computing and internetworking, linking millions of individual networks all over the world. A commercial organization with a permanent connection to the Internet that sells temporary connections to retail subscribers is called an Internet service provider (ISP). Figure 3.8 Internet Figure 3.9 Internet Service Provider

P a g e | 42 3.1.4.5 World Wide Web An information space where documents and other web resources are identified by Uniform Resource Locators (URLs) is called the World Wide Web (abbreviated WWW or the Web), interlinked by hypertext links, and can be accessed via the Internet. Figure 3.10 World Wide Web (WWW)

P a g e | 43 Tutorial 3 1. Define network. 2. Describe the following network devices. i. Server computer ii. Router iii. Hub iv. Switch 3. Describe the following communication network. i. Analog signal ii. Digital signal 4. Describe the following types of network. i. Local Area Network (LAN) ii. Campus Area Network (CAN) iii. Metropolitan Area Network (MAN) iv. Wide Area Network (WAN) v. Internet vi. World Wide Web

P a g e | 44

P a g e | 45 4.0 The Threats To Information Security 4.1 The Malicious Software Malware is referred to malicious software programs that include computer viruses, worms, and Trojan horses as a variety of threats. 4.1.1 Viruses A rogue software program that attaches itself to other software programs or data files in order to be executed, usually without user knowledge or permission is called a computer virus. Viruses typically spread from computer to computer when humans take an action, such as sending an e-mail attachment or copying an infected file. 4.1.2 Worms An independent computer programs that copy themselves from one computer to other computers over a network, are the most recent attacks that have come from worms. Unlike viruses, in order to spread from computer to computer, worms can operate on their own without attaching to other computer program files and rely less on human behaviour. 4.1.3 Trojan Horses A Trojan horse is a software program that appears to be benign (not harmful) but then does something other than expected. The Trojan horse is not itself a virus because it does not replicate, but it is often a way for viruses or other malicious code to be introduced into a computer system. The term Trojan horse is based on the huge wooden horse used by the Greeks to trick the Trojans into opening the gates to their fortified city during the Trojan War.

P a g e | 46 4.1.4 Spyware These small programs install themselves surreptitiously on computers to monitor user Web surfing activity and serve up advertising. Thousands of forms of spyware have been documented. Many users find such spyware annoying, and some critics worry about its infringement on computer users’ privacy. Key loggers record every keystroke made on a computer to steal serial numbers for software, to launch Internet attacks, to gain access to e-mail accounts. 4.2 Computer Crime 4.2.1 Hackers A hacker is an individual who intends to gain unauthorized access to a computer system. Within the hacking community, the term cracker is typically used to denote a hacker with criminal intent, although in the public press, the terms hacker and cracker are used interchangeably. Hackers and crackers gain unauthorized access by finding weaknesses in the security protections employed by web sites and computer systems, often taking advantage of various features of the internet 4.2.2 Spoofing and Sniffing Spoofing also may involve redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination. For example, if hackers redirect customers to a fake Web site that looks almost exactly like the true site, they can then collect and process orders, effectively stealing business.

P a g e | 47 Figure 4.1 Spoofing A sniffer is a type of eavesdropping program that monitors information traveling over a network. When used legitimately, sniffers help identify potential network trouble spots or criminal activity on networks, but when used for criminal purposes, they can be damaging and very difficult to detect. Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports. Figure 4.2 Sniffing

P a g e | 48 4.2.3 Denial of Service Attack A hackers flood a network server or Web server with many thousands of false communications or requests for services to crash the network. The network receives so many queries that it cannot keep up with them and is thus unavailable to service legitimate requests. A distributed denial-of-service (DDoS) attack uses numerous computers to inundate and overwhelm the network from numerous launch points. For example, hours after the U.S. Department of Justice shut down filesharing site Mega upload on January 19 2012, the Anonymous hacker collective launched extensive retaliatory DDoS attacks against federal and entertainment industry Web sites. Web sites belonging to the FBI, U.S. Department of Justice, U.S. Copyright Office, Universal Music, the Recording Industry Association of America, and the Motion Picture Association of America, were knocked offline for a large part of the day. Although DoS attacks do not destroy information or access restricted areas of a company’s information systems, they often cause a Web site to shut down, making it impossible for legitimate users to access the site. Figure 4.3 Denial of Service Attacks

P a g e | 49 4.2.4 Identity Theft Identity theft has become especially troubling. A crime in which an imposter obtains key pieces of personal information, such as social security identification numbers, driver’s license numbers, or credit card numbers, to impersonate someone else is called identity theft. The information may be used to obtain credit, merchandise, or services in the name of the victim or to provide the thief with false credentials. 4.2.5 Click Fraud The advertiser typically pays a fee for each click, which is supposed to direct potential buyers to its products. Click fraud occurs when an individual or computer program fraudulently clicks on an online advertisement without any intention of learning more about the advertiser or making a purchase. Click fraud has become a serious problem at Google and other Web sites that feature pay-per-click online advertising. Third parties (typically from low-wage countries) are hired by some companies to fraudulently click on a competitor’s ads to weaken them by driving up their marketing costs. 4.2.6 Cyber Terrorism and Cyber Warfare The global nature of the Internet makes it possible for cybercriminals to operate and to do harm anywhere in the world. Internet vulnerabilities have also turned individuals and even entire nation states into easy targets for politically-motivated hacking to conduct sabotage and espionage. Cyberwarfare is a state-sponsored activity designed to cripple and defeat another state or nation by penetrating its computers or networks for the purposes of causing damage and disruption.

P a g e | 50 A serious threat to the infrastructure of modern societies, has been poses by cyberwarfare since their major financial, health, government, and industrial institutions rely on the internet for daily operations. Cyberwarfare also involves defending against these types of attacks. The interactive session on organizations describes some recent cyberwarfare attacks and their growing sophistication and severity. 4.3 Information Security 4.3.1 Information System Controls Information systems controls are both manual and automated and consist of general and application controls. a. General controls General controls govern the design, security, and use of computer programs and the security of data files in general throughout the organization’s information technology infrastructure. On the whole, general controls apply to all computerized applications and consist of a combination of hardware, software, and manual procedures that create an overall control environment. General controls include software controls, physical hardware controls, computer operations controls, data security controls, controls over implementation of system processes, and administrative controls. Information systems controls are both manual and automated and consist of general and application controls.