Question
The internal auditor for ELC Consulting Inc., a company specializing in online consulting services, noticed that the estimated time for an eventual attack to their
The internal auditor for ELC Consulting Inc., a company specializing in online consulting services, noticed that the estimated time for an eventual attack to their systems is only about 30 minutes. In addition, it takes between 8 to 18 minutes to detect the attack and notify appropriate security staff. However, the problem can be fixed, and corrective actions could be implemented within a short time, between 6 to 15 minutes depending on the attack and time of the day.
Does the company satisfy the requirements of the time-based model of security? Why or why not? )
Suppose the company decides to invest $10 K to minimize eventual attacks and threats, and will have the three options. Which one would you recommend and why?
Increase the estimated time to penetrate the system by 2 minutes.
Reduce the time to detect an attack to between 5 minutes (best case) and 12 minutes (worst case).
Reduce the time required to implement corrective actions to between 4 minutes (best case) and 13 minutes (worst case).
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started