Scribd
Upload
126 views2 pages

Info Security Assi.

The document contains a case study about security incidents at a research company. It describes two incidents: 1) a manager walked out with papers, showing a lack of security measures. 2) an outsider accessed company information and blueprints, showing issues with access controls. It then lists security gaps, vulnerabilities, threats, risks, and exploits seen in the incidents. Finally, it recommends steps to prevent future incidents like implementing access controls, monitoring entry points, and establishing protocols to monitor workers.

Uploaded by

Emmanuel Appiah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
126 views2 pages

Info Security Assi.

The document contains a case study about security incidents at a research company. It describes two incidents: 1) a manager walked out with papers, showing a lack of security measures. 2) an outsider accessed company information and blueprints, showing issues with access controls. It then lists security gaps, vulnerabilities, threats, risks, and exploits seen in the incidents. Finally, it recommends steps to prevent future incidents like implementing access controls, monitoring entry points, and establishing protocols to monitor workers.

Uploaded by

Emmanuel Appiah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

NAME :APPAH AKWASI EMMANUEL

COURSE:COMPUTER AND INFORMATION SECURITY


INDEX NUMBER :BIT10014814
DATE :1st FEBRUARY,2023

QUESTION

You are a security officer working for a medium-sized research company. You have been
assigned to guard the facility. Two incidents occur. The first, a well-known manager walks out
with a box of papers. The second, someone believed to be an outsider assesses the company
information and goes away with the company blue prints for the next generation product.
Briefly list all security gaps, vulnerabilities, threats, risks, and exploits.
Describe how these incidents can be overcome.

SOLUTION

1 . SECURITY GAPS
 The first incident involved a well-known director leaving with a case of papers, showing that
there were no real security measures in place and no procedures for obtaining confidential
information.

2. VULNERABILITIES
 The second incident, in which a third party gained access to company data and designs, shows
that there are no access controls in place, such as reliable confirmation and approval
procedures.

3. THREATS
 The first incident also emphasizes the danger of insider threats, where workers with
authorized access to sensitive information may purposefully or accidentally abuse or steal it.
 An external threat, such as an unauthorized person breaking into the website and obtaining
access to valuable information and resources.
 Physical theft, such as robbing someone of tangible assets like highly classified documents or
machinery.
4. RISKS
 Theft or loss of assets containing sensitive information that harms the company's profits or
reputation.
 Violations of the law and rules, include failing to secure personal data and data breaches.

5. EXPLOITS
 In the case of the first incident , physical theft, such as robbing someone of tangible assets
like highly classified documents or machinery.
 In the case of the first incident , theft and improper use of sensitive data in the case of the
second event, which is an example of information exploitation.

The following steps can be taken to prevent these incidents:


 Use data encryption, backup, and disaster recovery to identify potential security threats and
ensure that the company's critical information is effectively protected.
 Put in place the necessary practical safety measures, such as access control frameworks,
cameras, and security personnel to monitor and manage entry to the office.
 Establish protocols and procedures to monitor and stop workers who exhibit dubious conduct,
and launch staff education campaigns to better convey the importance of data protection.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy