Department of Computer Science CSC-458:Mangement Information System

Bahria University BSCS Semester 06 (Fall 2020)

ASSIGNMENT 03
M Azam Kamal(189) Marks: 05
M Haris Aftab(136)
M Ahmed Siddiqui(141)

Theoretical Assignment
Read Carefully:
• The deadline for this assignment is before or on 21th October 2020.

WARNING: This is a group assignment. Any form of plagiarism will result in receiving zero in
the assignment.

WARNING: Late submission will not be accepted. Any assignment submitted after the cutoff
time will receive zero.

• This assignment has only one questions that you have to answer and submit in softcopy form to
your CR and CR will submit to the lecturer:

M Talha Alam

1|Page
 CS Department, BUKC 2/2 Semester 6 (Fall 2020)
CSC-358: MIS Assignment 03

THEORITICAL QUESTIONS

1) No business whether small or big can be counted as safe from security breaches. Although
renowned companies are targets for hackers, small businesses are also likely to face security
threats. It is, therefore, advisable to remain alert and keep yourself updated about concerning
business security methods. Write down the security threats faced by your business and also
mention its prevention, how you secure your business from hacker.

Answer:
Sensitive Information leaked:

Rental companies collect several pieces of personal information from their customers.Personal
Identifiable Information (PII) includes a customer’s contact information, driver’s license
information, Social Security information, passport information, insurance information, and credit
card information. This can be leaked by irresponsible handeling of data.

How Sensitive Information leaked can be handeled:

 Take stock. Know what personal information you have in your files and on your computers.
 Scale down. Keep only what you need for your business.
 Lock it. Protect the information that you keep.
 Properly dispose of what you no longer need.
 Following proper encryption protocols to keep customers data safe,

Phishing:

Several online apps and shops have received reports of their customers receiving messages or emails
from hackers pretending to be store owners. Such fraudsters present fake copies of your website pages
or another reputable website to trick the users into believing them.

 This phising attack may harm our business too like manipulating GPS to wrong directions.

 Access the vehicle through vulnerabilities and compromise tracker, safety elements of the
vehicle.

How Phishing attack can be handeled:

It’s important to make sure that you, and all your employees, have proper security training. Make
sure everyone in your team is aware of phishing techniques like URL redirects, embedded links and
malicious email attachments. You should do plenty of research on how to detect phishing emails, and
make sure everyone in your company knows how to detect a phishing email.If you want to, you can
test your employee’s reaction to phishing emails by sending simulated phishing emails via websites
like Phishme, Knowbe4, Phishproof and Phishd.
 CS Department, BUKC 3/2 Semester 6 (Fall 2020)
CSC-358: MIS Assignment 03

Spamming:

Some hackers can send infected links via email or social media inboxes. They can also leave these
links in their comments or messages on blog posts and contact forms. Once you click on such links,
they will direct you to their spam websites, where you may end up a victim.

Modern vehicles are now connected online these days with panel of Operating system where
individuals can surf the internet while driving through voice assistance enabled thus, Spamming
messages can compromise the driver or may be the people sitting inside the vehicle.

How spamming can be handeled:

 Never, ever reply to a spam message. 

 Don't click any links in a spam email. 
 Don't forward an email from someone you don't know to a list of people. 

Malware:

Hackers may design a malicious software and install on your IT and computer systems without your
knowledge. These malicious programs include spyware, viruses, Trojan horses, and ransomware etc.

As described earlier, modern cars these days have operating system i.e. Android and they are
connected to internet means there can be malware attacks where

 Tracker

 Navigation Sysem (Synep)

 Safety Elements

 Meters

Can be manipulated or atlered by malware

How Malware can be handeled:

 Install Anti-Virus/Malware Software sutable according to car manufacture

 Secure Your vehicle Network
 Think Before You answer voice assistance or Siri.

 Only buy Apps from trusted sources.

 CS Department, BUKC 4/2 Semester 6 (Fall 2020)
CSC-358: MIS Assignment 03

Cross-Site Scripting (XSS):

The attackers can plant a malicious JavaScript snippet on our website or store to target our online
visitors and customers. Such codes can access our customers’ cookies and compute.

How Cross-Site Scripting (XSS) issue can be handled:

Preventing cross-site scripting is trivial in some cases but can be much harder depending on the
complexity of the application and the ways it handles user-controllable data. In general, effectively
preventing XSS vulnerabilities is likely to involve a combination of the following measures:

 Filter input on arrival. At the point where user input is received, filter as strictly as possible
based on what is expected or valid input.
 Encode data on output. At the point where user-controllable data is output in HTTP
responses, encode the output to prevent it from being interpreted as active content.
Depending on the output context, this might require applying combinations of HTML, URL,
JavaScript, and CSS encoding.

Ransomware:
Ransome is one of the common cyber attacks.This attack can encrypt the data of our business so that
it can not be used or accessed by anyone. It can stop the working of our business by not giving us
permission of managing products. This kind of attack can harm our website or Mobile App data
where we need to pay for our own data only if hacker wished on decided amount of money to pay.

How Ransomware issue can be handled:

 Do not open untrusted email attachments
 Only download from sites you trust
 Never use unfamiliar USBs
 Use a VPN when using public Wi-Fi

Summary:

Above I have mentioned how security threats regarding software and hackers are possible and how
they can be prevented. Some general issues can occur too like, Driving Challenges with Overseas
Travelers. For many car rental companies, specially in big and popular cities, the biggest challenge
is to deal with overseas customers. There are higher chances of risk and accident with these
travelers. Many travelers are not aware with the traffic rules of the country and some of them
are used to drive on the other side of the road. Some of them never drove on narrow roads with sharp
turns. So, this is a big headache for the rental companies to pay extra attention to such customers . So
in cases like these local issues we can provide software and hardware based guides to our
customer.
CS Department, BUKC 5/2 Semester 6 (Fall 2020)
CSC-358: MIS Assignment 03