Check My Work

You$$re helping to on$-$board a new employee who will be spending some time working from home as well as traveling twice a month for meetings with clients.

Employee:

Actually, I just bought a new tablet recently that I really like. Will I be able to use that tablet for work?

You:

Yes, we have a

Select

so you can use your tablet to access company computing resources and applications.

Employee:

That's good to hear. Will you have to make any changes to it before I can use it for work?

You:

We'll scan it for any security vulnerabilities and apply the necessary

Select

to close those gaps.

Employee:

Does that mean my tablet will be safe going forward?

You:

Not necessarily. For example, a$($n$)$

Select

could take advantage of a newly discovered vulnerability before it's patched.

Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack.

Identify which type of perpetrator is at work in each scenario.

Cybercriminal

Malisa uses her laptop to sign onto her company's database server from an open Wi$-$Fi connection at a local coffee shop.

Cyberterrorist

Derek uses his old account credentials to sign into his former employer's network to get information on some of his old clients.

Careless

insider

Erica is late to work because a computer virus shut down the city's bus system.

Malicious

employee

Ashleigh hacks into a local store's payment processing system and transfers money to her PayPal account.

Hacktivist

Jeffrey steals emails from one of his state's political candidates and posts the emails anonymously online.

The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long$-$term damage in other areas of the business$$s processes and information systems can bring the overall cost of the attack far beyond initial losses.

You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach.

Direct

impact

Your company's IT operations team works around the clock to identify how the breach occurred and implement needed patches to prevent further damage.

Legal

consequences

Shareholders experienced a $19\%$ drop in share value in the $24$ hours after the breach was publicized.

Business

disruption

The company offers one year of consumer credit monitoring for customers whose credit information was compromised.

Reputation

damage

Sales activity for the quarter drops by $22\%,$ a tough hit in the middle of a holiday shopping season.

Recovery

cost

Your company's customer service line is slammed with phone calls from angry customers wanting to know if their data is included in the breach.

You$$ve been hired by a large travel and tourism agency to upgrade their security systems. There are several specific areas of concern they$$d like you to address and make recommendations.

First, the agency is concerned about protecting their internal network where they host some servers, databases, and several workstations. Due to their global exposure with travel activities around the world, they've experienced some fairly sophisticated attacks on their network. You discover they're using an older firewall that simply isn't designed to protect against today's technologies. What would be a better alternative to protect their network resources?

a$.$ Biometric authentication

b$.$ Proxy server

c$.$ NGFW

d$.$ TLS

Next, they're concerned about ways their network has been exposed to viruses due to employees using company computers to visit international Web sites with questionable security. What can you add to the network to offer the company better control over which Web sites are approved for business interactions?

a$.$ VPN

b$.$ Proxy server

c$.$ Data encryption

d$.$ Two$-$factor authentication

After deploying several of the recommended security improvements, you suggest that the final and most important step in protecting the organization's security perimeter is

Select

$.$

Your CEO arrives at work on Monday morning and is acting more stressed and irritable than usual. You$$re a little nervous when you$$re called in for a meeting with him, but you soon find out the cause of his distress. Over the weekend, he met up with a friend of his from college, who is also a CEO. The friend$$s company was recently hacked, resulting in a severe data breach. Their company is potentially facing a class action lawsuit and possible bankruptcy.

CEO:

I need to know where we stanCheck My Work

You$$re helping to on$-$board a new employee who will be spending some time working from home as well a