1a - Understanding how internal threats occur

Question 1

What is end point security?

Answer 1

software set on the device managed server side that monitors/protects the device by enabling wipes and lost device messages

Question 2

What helps mitigate employee theft?

Answer 2

end point security, cctv, asset audits,

Question 3

Some examples of employee sabotage.

Answer 3

deliberately faulty products (such as code), destruction of assets, blackmail

Question 4

List ways to mitigate physical unauthorised access by employees and other users

Answer 4

CRA (controlled room access), badges, cards (employee and guest), key fobs, biometrics, physical keys.

Question 5

List ways to mitigate digital unauthorised access by employees and other users

Answer 5

TUA (tiered user access), passwords and pw policies, network segmentation, correct user permissions through Active Directory Domain Systems

Question 6

Define corporate espionage

Answer 6

Corporations trying to obtain information and data they are not supposed to have

Question 7

Mitigate damage from fire, floods, power loss etc…

Answer 7

Off-site backups, top floor server rooms (floods), halon fire suppression (server rooms)

Question 8

How to mitigate accidental digital cybersecurity threats?

Answer 8

UAC, firewalls, keyloggers, white/black lists.

Question 9

How to prevent unsafe hiring practices?

Answer 9

CVs/cover letters as part of vetting process, DBS checks

Question 10

Mitigate accidental loss or disclosure of data?

Answer 10

private data can only be seen by those who need it, strict policy on moving data (especially out of office)