Match each of the following threats with the appropriate control that would mitigate the threat. An...
Fantastic news! We've Found the answer you've been seeking!
Question:
![image text in transcribed](https://s3.amazonaws.com/si.experts.images/answers/2024/05/6651ffc451f48_9236651ffc3b6ae0.jpg)
Transcribed Image Text:
Match each of the following threats with the appropriate control that would mitigate the threat. An employee's laptop was stolen at the airport and the laptop contained personally identifying A. The CIRT and their contact information should be clearly communicated to all employees. Also, information about the company's customers that could potentially be used to commit identity the CIRT should practice the incident response plan. theft. A salesperson successfully logged into the payroll system by guessing the payroll supervisor's password. A criminal remotely gained access to a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters. An employee received an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop with a keystroke logger. An employee picked up a USB drive in the parking lot and plugged it into their laptop to "see what was on it," which resulted in a keystroke logger being installed on that laptop. Once an attack on the company's website was discovered, it took more than 30 minutes to determine who to contact to initiate a response. B. Implement physical and logical security and the system should reject a user's remote log-in attempt if that same user is already logged in at a local workstation. Also, the system should notify appropriate security staff about any unsuccessful log-in attempts. C. Security awareness training for employees should include awareness regarding phishing scams. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the log-on process for accessing a company's information system. D. Strong password policies should be implemented, such as at least an 8 character length, use of multiple character types, random characters, and a requirement that passwords be changed frequently. Also, the system should be locked automatically after a certain number of unsuccessful login attempts. E. Implement policies against storing sensitive information on mobile devices and provide training on how to protect mobile devices to prevent the risk of theft. F. Security awareness training should be provided which teaches employees to refrain from using storage devices which do not belong to them. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the logon process. Match each of the following threats with the appropriate control that would mitigate the threat. An employee's laptop was stolen at the airport and the laptop contained personally identifying A. The CIRT and their contact information should be clearly communicated to all employees. Also, information about the company's customers that could potentially be used to commit identity the CIRT should practice the incident response plan. theft. A salesperson successfully logged into the payroll system by guessing the payroll supervisor's password. A criminal remotely gained access to a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters. An employee received an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop with a keystroke logger. An employee picked up a USB drive in the parking lot and plugged it into their laptop to "see what was on it," which resulted in a keystroke logger being installed on that laptop. Once an attack on the company's website was discovered, it took more than 30 minutes to determine who to contact to initiate a response. B. Implement physical and logical security and the system should reject a user's remote log-in attempt if that same user is already logged in at a local workstation. Also, the system should notify appropriate security staff about any unsuccessful log-in attempts. C. Security awareness training for employees should include awareness regarding phishing scams. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the log-on process for accessing a company's information system. D. Strong password policies should be implemented, such as at least an 8 character length, use of multiple character types, random characters, and a requirement that passwords be changed frequently. Also, the system should be locked automatically after a certain number of unsuccessful login attempts. E. Implement policies against storing sensitive information on mobile devices and provide training on how to protect mobile devices to prevent the risk of theft. F. Security awareness training should be provided which teaches employees to refrain from using storage devices which do not belong to them. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the logon process.
Expert Answer:
Posted Date:
Students also viewed these accounting questions
-
The Price-to-Book-value ratio is often used by investors to indicate whether a stocks price is particularly high or low relative to the value of the company. But different market sectors expect...
-
Preparing journal vouchers and posting; prorating service department costs. The management of Western Furniture, Inc., producers of wooden chairs, has decided that the process cost accounting system...
-
What is a voting proxy? LO3
-
Upton Corporation has the following transactions during August of the current year. Indicate (a) the basic analysis and (b) the debitcredit analysis illustrated on pages 121126. Aug. 1.Issues shares...
-
A sales representative in a shopping centre handed Karl a flyer promoting a style cut and shave for $12 at Lion's Mane Barber Shop. As he was actually in need of a haircut and shave, Karl dropped by...
-
Watershed is a media services company that provides online streaming movie and television content. As a result of the competitive market of streaming service providers, Watershed is interested in...
-
Premium Fender uses a standard cost system and provide the following information: (Click the icon to view the information.) Premium Fender allocates manufacturing overhead to production based on...
-
Janet Stein wants to buy a food truck when she graduates from college in two years. She has the following sources of money: She has $6000 in the bank in an account paying 8% compounded quarterly. She...
-
It's mid-December and Marie is finalizing her divorce. Generally, she and her soon to be ex-spouse have been amicable, and Marie is looking forward to being single. The divorce attorneys will be...
-
What is the goodwill at the acquisition date? What is the ECOBV amortization? 3. What is the consolidated total of non-controlling interest appearing on the balance sheet? 4. Prepare the...
-
Valley Company's adjusted account balances from its general ledger on August 31, its fiscal year-end, follows. It categorizes the following accounts as selling expenses: sales salaries expense, rent...
-
Question One a)What happens to the budget line if the price of good 2 increases, butthe price of good 1 and income remain constant? b)If the price of good 1 doubleand the price of good 2 triples,...
-
Refer to Thinking and Problem-Solving question
-
In that question, we assumed that the consumer earned $50 in period 1 and $150 in period 2, and that saving and borrowing were both interest-free. Lets see if we cant add even more real-life detail...
-
Consider Facts and Tools question 2. Explain the income and substitution effects of the price changes on your optimal consumption bundle when the latte and scone prices increased, but your income did...
![Mobile App Logo](https://dsd5zvtm8ll6.cloudfront.net/includes/images/mobile/finalLogo.png)
Study smarter with the SolutionInn App