Page 114 - Data Science class 11
P. 114

5.  What are the three main ways data ecosystems provide value to companies?
          Ans.  The three main ways data ecosystems provide value to companies are:
               •  Growth: Data ecosystems allow firms to pursue new business opportunities by extending their core business or even
                 enable completely new products. For example, credit-card processors have created strategic insights on customer
                 shopping journeys and buying details that they provide with retailers and brands.
              •  Productivity: Data ecosystems help firms improve operations. Online travel portals that offer insights into customer
                 behaviour can help airlines and hotels plan for demand and set prices based on demand.
              •  Risk reduction: Data ecosystems are crucial in reducing risk, especially for industry groups in which every member
                 contributes data. For example, pool data to identify fraudulent transactions and accounts in banks.

            6.  Differentiate between Malicious Insider and Negligent Insider.
          Ans.  •   The Malicious Insider: Malicious Insiders are the ones who intentionally steal data. It could be an employee or a
                 contractor who may exfiltrate valuable information (like Intellectual Property (IP), Personal Identifiable Information
                 (PII), or financial information) to gain financial incentive or a competitive edge. A malicious insider may also be the
                 one who holds a grudge for being let go or furloughed.
              •  The  Negligent  Insider: Negligent  insiders are ordinary  employees who  have made a  mistake.  It could  be  an
                 employee who might have sent an email containing sensitive data to the wrong person, emailed company data to
                 personal accounts to complete some work during the weekend, fallen prey to a phishing or spear phishing attack,
                 or lost their work device.
            7.  What are the various methods an external attacker can use to gain access to internal systems and data?
          Ans.  There are various methods an external attacker can use to gain access to internal systems and data:
               •  Social  engineering  and  phishing  attacks: In this, sensitive information can be guessed or acquired through
                 employees. For example, an outsider posing as a known in the company.
                •  Hacking: It is through hacking that malicious individuals gain access to code and authentication systems via security
                 loopholes.
               •  Ransomware: It is defined as a malicious code that encrypts existing files. Once, the encryption is employed, the
                 attacker demands ransom money from victim in exchange for releasing the data.
               •  Denial of Service (DoS) Attacks: This attack makes websites or online services unreachable by users by flooding
                 the server with requests.
               •  Physical  theft: When through theft, an unauthorised access through a system or devices like mobile phones,
                 laptops, etc. is made, allowing users access to sensitive data, this is known as physical theft.
               •  Malicious USB drop attack: It happens when hackers get malware onto a system by leaving pen drive loaded
                 with malicious software in a place where they know such pen drives will be picked up and plugged into systems by
                 someone due to curiosity.
               •  3rd-party apps: Hackers use such apps to infect systems with malware. Gooligan is one such example of a 3rd-party
                 app.


                                                 Unsolved Exercise



             Objective Type Questions (Section A)


        A.  Tick ( ) the correct option.
            1.  Which among the following is not a malware?
              a.  Viruses                                        b.   worms
              c.  trojans                                        d.   cipher

            2.  Which among the following is a major pillar for good data management?
              a.  Strategy and Governance                        b.   Standards

              c.  Decryption                                     d.   Both a and b

          112   Touchpad Data Science-XI
   109   110   111   112   113   114   115   116   117   118   119