You decide to prepare a security checklist for Personal Trainer. Prepare a list of security issues that the firm should evaluate and monitor. Be sure to organize the items into categories that match the six security levels.
What will be an ideal response?
Answers will vary. Instructors can refer to the list of issues in Question 9. In addition, a company might use the following checklist to assess security and prepare for future security threats and problems:
Physical Security Issues
• Computer room security
Biometric scanning systems
Motion sensors
• Servers and desktop computers
Keystroke loggers
Tamper-evident cases
BIOS-level passwords; boot-level passwords; power-on passwords
• Mobile devices
Universal Security Slot (USS)
Tracking software
Stringent password requirements
Account lockout thresholds
Network Security Issues
• Encrypting network traffic
Encryption vs. plain text
Public key encryption
• Wi-Fi Protected Access (WPA)
Wired Equivalent Privacy (WEP)
Private networks
Tunnels
Virtual private networks
• Ports and services
Destination ports
Services
Port scans
Denial of service attacks
Firewalls
Protocols that control traffic
Application Security Issues
Services
Security holes
Permissions
Input validation
Patches and updates
File Security Issues
Permissions
User groups
User Security Issues
Identity management
Password protection
Social engineering
User resistance
Procedural Security
Establish clear managerial policies and controls.
Build a corporate culture that stresses security.
Define how particular tasks are to be performed.
Stress employee responsibility for security.
Guard against dumpster diving.
Use paper shredders and instruct employees as to when, why, and how they are used.
Develop a system of classification levels and communicate it effectively.