questions 1 2 3

agreed to serve as an extension of KCS, deliveri a system and related security support services, including and reporting on security-related events rts for insights into company resource uti configuring, and monitoring a system of next-gene Installing, Providing network usage reports Upgrading the network for in Investigating, responding to, secu rit on an ongoing basis by implementing the latest ork-related costs ise to reduce network complexity and contain network enhancements . Providing experti appliances to protec Control aach of Fairplay's locations. This work was completed overnight in a single ni business disruption. rent Fairplay security controls with those required by the PCI DSS. Cont Scan's initial project was installing next-generation firewall a ControlScan then conducted a thorough PCI ga DSS. ControlScan developerd a y marg set of recommendations and options for eliminating the gaps, giving Faipla ment a roadmap to achieve full PCI DSS compliance. Finally, ControlScan did a fulrevien of Faiplay's existing information systems and security policies, working with the chain's I to tweak and customize policies where necessary. Critical Thinking Question:s 1. What advantages does the use of an MSSP offer a small retailer such as Fairplay? Cer you think of any potential drawbacks of this approach? Is there a danger in placing 10 much trust in an MSSP? Explain. 2 Data breaches at major retailers, such as Neiman Marcus, Target, and others, in recer years have shown that compliance with the PCI DSS is no guarantee aainst an mese (see Jaikumar Vijayan, "After Target, Neiman Marcus Breaches, Does Mean Anything? Computerworld, January 24, 2014). If you were a m management team, what additional actions would you take to protect your mplank member of Faipa credit card data? protect your cus 3. Do research online to gain insight into the evolution of the uaor changes were made in moving from PCl 2.0 to PCI 3.0? What c PCI DSS standard. h suggested for future versions of the PCI standard? What changes are ces: 'About Stores with www.kcstech.com (accessed March 12, 20ncomtaa omp KCS Computer chain-stores-with-controlscan-managed-security-services www pocomplianceguide org/pci-faqs-2/#1 (accessed Ap Fairplay, Fairplay, www.fairplayfoods.com/about (accessed Apri reco Finer Managed Security Services," ControlScan, www.controisFP Foods h 12, 2016); "Fe 2. Sony's Response t (accesse ril 12, 2016). pril 12, 2016); PCI FAQs, PCI CO