- You are a member of the human resources department of a software manufacturer that has several products and annual revenue in excess of $500 million. You’re on the phone with the manager of software development who has made a request to hire a notorious black hat hacker to probe your company’s software products in an attempt to identify any vulnerabilities. The reasoning is that if anyone can find a vulnerability in your software, she can. This will give your firm a head start on developing patches to fix the problems before anyone can exploit them. You feel uneasy about hiring people with criminal records and connections to unsavory members of the hacker/cracker community and are unsure if you should approve the hire. Provide three good reasons to hire this individual.
Provide three good reasons not to hire this individual. How would you respond to this request? Why?
- Review and answer the security questions in Table 3-5. Based on this self-assessment, what changes do you need to make in order to better protect the security of your (or your organization’s) information systems and data?
Table 3-5 - Your team has been assigned responsibility to identify an appropriate MSSP provider for a small, rural hospital. What criteria will you use to select an appropriate provider? Do research online to identify three MSSP providers. Use the criteria you established to rate each of the three, and choose the one that would be best for the hospital.
- You and your team have been hired to assess the computer security of a small retailer. Where would you begin your assessment? What would you look for?
- It appears that someone is using your firm’s corporate directory—which includes job titles, email addresses, and phone numbers—to contact senior managers and directors via text message. The text message requests that the recipient click on a URL, which leads to a website that looks as if it were designed by your human resources organization. Once at this phony website, the employees are asked to enter their bank routing number and account number to be used for electronic deposit of their annual bonus check. You are a member of the IT security group for the firm. What can you do?
- You are the manager of the IT organization of a small business. The owner calls you late one night and tells you that she just received an anonymous call demanding payment of $10,000 or the company’s customer database will be encrypted and made inaccessible by a logic bomb that has already been planted in the firm’s billing system. What do you say? What can you do?
- Your classmate tells you that he has been working all semester to create a blended threat and that he plans to test it against the university’s computer systems this weekend. What do you say?
- You are one of the top students in your university’s computer science program of 100 students, and you have agreed to meet with a recruiter from the Department of Homeland Security. Over dinner, he talks to you about the increasing threat of cyberterrorist attacks launched on the United States by foreign countries and the need to counter those attacks. The agency has a strong need for people who can both develop and defend against zeroday exploits that could be used to plant malware in the software used by the government and military computers. At the end of the dinner, the recruiter asks, “Would such a role be of interest to you?” How do you respond?
- You are a computer security trainer for your firm’s 200 employees and contract workers. What are the key topics you would cover in your initial half-hour basic training program on security for non-IT personnel? What sort of additional security-related training might be appropriate once people have the basics covered?
Do you need urgent help with this or a similar assignment? We got you. Simply place your order and leave the rest to our experts.