How would you evaluate the following risks that exist at Company X? How would you prioritize which of these risks need to be addressed first?
-Existing file servers are not being backed up
-Users keep post it notes with their login credentials under their keyboards
-Your network firewall is running an operating system that is 5 years old
-No antivirus software is deployed to desktop computers
-VPN access is not being logged
-Company X does not have an acceptable use policy
-Access to the finance system is shared by a common username and password by all employees of the business office.
Answer)
Below are the risks at the Company X which need to be addressed first
Access to the finance system is shared by a common username and password by all employees of the business office.
Company X does not have an acceptable use policy
No antivirus software is deployed to desktop computers
Your network firewall is running an operating system that is 5 years old
Existing file servers are not being backed up
The VPN access is not being logged
Note: Saving the data and making a backup will lead to protecting the data from any data loss, at the same time keeping the application and server and the anti-virus updated will help to prevent any data breach or hacking.
There should be a logged data to monitor is the access is authorized and to check is any suspecting network traffics.
If you like the answer, do hit like.
Hope this answer helps.
Thanks
How would you evaluate the following risks that exist at Company X? How would you prioritize...
TASK Read the Regional gardens case study document before attempting this assignment. Background: You have been employed by Regional Gardens as their first Chief Information Officer (CIO). You have been tasked by the Board to conduct a review of the company’s risks and start to deploy security policies to protect their data and resources. You are concerned that the company has no existing contingency plans in case of a disaster. The Board indicated that some of their basic requirements for...
1. In what ways was Microsoft’s behaviour (a) against
the public interest; (b) in the public interest?
2. Being locked in to a product or technology is only
a problem if such a product can be clearly shown to be inferior to
an alternative. What difficulties might there be in establishing
such a case?
etwork effects Microsoft is a vertically integrated
firm (see page 87), with a dominant position in the operating
system market (i.e. Windows) and in certain application...
CASE 8 Unlocking the Secrets of the Apple iPhone in the Name of access the male San Bernardino suspect's iPhone 5c. Cook stated: Antiterrorism We are challenging the FBI's demands with the deepes respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications While we believe the FBI's intentions are good, if would be wrong for the w e nt to force...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...