QUESTION 1 Match each of the following threats with the appropriate control that would mitigate the threat. An employee's laptop was stolen at the airport and the laptop contained personally identifying information about the company's customers that could potentially be used to commit identity theft. A salesperson successfully logged into the payroll system by guessing the payroll supervisor's password. A criminal remotely gained access to a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters. An employee received an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop with a keystroke logger. An employee picked up a USB drive in the parking lot and plugged it into their laptop to "see what was on it," which resulted in a keystroke logger being installed on that laptop. Once an attack on the company's website was discovered, it took more than 30 minutes to determine who to contact to initiate a response. A. Implement physical and logical security and the system should reject a user's remote log-in attempt if that same user is already logged in at a local workstation. Also, the system should notify appropriate security staff about any unsuccessful log-in attempts. B. Security awareness training for employees should include awareness regarding phishing scams. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the log-on process for accessing a company's information system. C. Security awareness training should be provided which teaches employees to refrain from using storage devices which do not belong to them. Also, anti-spyware software should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the logon process. D. The CIRT and their contact information should be clearly communicated to all employees. Also, the CIRT should practice the incident response plan. E. Strong password policies should be implemented, such as at least an 8 character length, use of multiple character types, random characters, and a requirement that passwords be changed frequently. Also, the system should be locked automatically after a certain number of unsuccessful login attempts. F. Implement policies against storing sensitive information on mobile devices and provide training on how to protect mobile devices to prevent the risk of theft.

Match cach of the following threats with the appropriate control that would mitigate the threat. An employee's laptop was stolen at the airport and the laptop contained personally identifying information about the company's customers that could potentially be used to commit identify theft. A salesperson successfully logged into the payroll system by guessing the payroll supervisor's password. A criminal remotely gained access to a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters. An employee recelved an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop with a keystroke logger. An employee picked up a USB drive in the parking lot and plugged it into their laptop to "see what was on it, "which resulted in a keystroke logger being installed on that laptop. Once an attack on the company's website was discovered, it took more than 30 minutes to determine who to contact to initiate a response. A. Implement physical and logical security and the system should reject a user's remote log-in attempt if that same user is already logged in at a local workstation. Ass, the system should notify appropriate security staff about any unsuccessful log-in attempts. B. Secunty awareness training for employees should include awareness regarding phishing scams. Aso, ant-spywaro soffware should be installed that automatically checks and cleans all detected spyware on an employee's computer as part of the log-on process for accossing a company's information system. C. Security awareness training should be provided which teaches employees to refrain from using storage devices which do not belong to them. Also, anti-spyware software should be instalied that automatically checks and cleans all detected spyware on an employee's computer as part of the logon process. D. The CIRT and their contact information should be clearly communicated to all employees. Also, the CIRT should practice the incident response plan. E. Strong password policies should be implemented, such as at least an 8 character length, use of multiple character types, random characters, and a requirement that passwords be changed frequently. Aso, the system should be locked automatically after a certain number of unsuccessful login attempts. F. Implement policies against storing sensative information on mobile devicos and provide training on how to protect mobile devices to prevent the risk of theft