FREE Trial

Which preventive, detective, and/or corrective controls would best mitigate the following threats? a. An employees laptop was

Question:

Which preventive, detective, and/or corrective controls would best mitigate the following threats?
a. An employee’s laptop was stolen at the airport. The laptop contained personally identifying information about the company’s customers that could potentially be used to commit identity theft.
b. A salesperson successfully logged into the payroll system by guessing the payroll supervisor’s password.
c. A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.
d. An employee received an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop with a keystroke logger.
e. A company’s programming staff wrote custom code for the shopping cart feature on its web site. The code contained a buffer overflow vulnerability that could be exploited when the customer typed in the ship-to address.
f. A company purchased the leading “off-the-shelf” e-commerce software for linking its electronic storefront to its inventory database. A customer discovered a way to directly access the back-end database by entering appropriate SQL code.
g. Attackers broke into the company’s information system through a wireless access point located in one of its retail stores. The wireless access point had been purchased and installed by the store manager without informing central IT or security.
h. An employee picked up a USB drive in the parking lot and plugged it into their laptop to “see what was on it,” which resulted in a keystroke logger being installed on that laptop.
i. Once an attack on the company’s website was discovered, it took more than 30 minutes to determine who to contact to initiate response actions.
j. To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.
k. An attacker gained access to the company’s internal network by installing a wireless access point in a wiring closet located next to the elevators on the fourth floor of a high-rise office building that the company shared with seven other companies.
Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Answer rating: 55% (9 reviews)

a Preventive Policies against storing sensitive information on laptops and requiring that if any such information must exist on the laptop that it be encrypted Training on how to protect laptops while ...View the full answer


answer-question-section
Answered By
tutor-profile-image
Sandip Nandnawar
I am a B.E (Information technology) from GECA and also have an M.C.M from The University of RTMNU, MH. I worked as a software developer (Programmer and TL). Also working as an expert for the last 6 years and deal with complex assessment and projects. I have a team and lead a team of experts and conducted primary and secondary research. I am a senior software engg and senior expert and deal with all types of CSE and IT and other IT-related assessments and projects and homework.
5.00+ 1+ Reviews 10+ Question Solved
Related Book For  book-img-for-question
Accounting Information Systems

Accounting Information Systems

ISBN: 978-0133428537

13th edition

Authors: Marshall B. Romney, Paul J. Steinbart

See More Books
Question Posted:
See More Questions

Related Video

In everyday life, it sometimes becomes a hassle to park a car in the mall’s parking lot. Usually, it’s difficult to find a convenient location where the car can easily be seen while leaving the mall after shopping.

Students also viewed these Accounting questions

Running Microsoft Windows 98 1st Edition - ISBN: 1572316810 - Free Book