Question

1. You work for a cyber security consulting company. Your company has been called in to...

1. You work for a cyber security consulting company. Your company has been called in to assist a Gas Company in taking an audit of their security posture and make suggestions on how to improve their cyber security standing.

A) What are some of the initial questions you would want to ask? What are some of the details and information you'd want to initially get from the company to start your assessment? What is important to know from the start?

B) Once you have gotten a broad picture of the company, it would be time to start looking deeper into the company and the company's assets. Tell me an approach to this. What are the basic steps involved? Who would you want to talk to in the company? What documentation or resources can you use?

Answer #1

My basic questions to begin with would be:

  1. Do you have any published IT policy document in place?
  2. How is access to sensitive data managed?
  3. What is the backup plan for a system/server crash?
  4. How is the security of the data handled?
  5. Are the staff aware of the existing IT policy?
  6. Is all software up to date?
  7. Do you have a business continuity plan in place?
  8. What is the disposal process for IT assets?

The basic approach would be a risk-based approach. I would first clearly define the scope of the audit and prioritize the audit process. I would approach the IT manager with my questions and derive the threat assessment of the current situation. I would also seek information on the employees' engagement and awareness of potential cyber threats, and whether there is any program for educating them about dos and don'ts. Getting the governing document and verifying whether it is being followed or not would be my next step. Checking the history of the organization for any kind of cyber attack, any incident of malware infection, and any data breach will help me to assess the current preparedness to deal with such situations. An update on the latest industry trends in cyber security can help in benchmarking the organization for which the audit is proposed and done. Taking note of the periodic updates to the existing software and the data backup plan will be my preference for digging deeper and finding the real scenarios.
