You have determined that the cost of an encrypted network connection between your internal database server and internal application server outweighs the likelihood of an attacker accessing the network connection. Which risk management technique are you most likely to use and why? Justify your selection.
It is important to understand the types of “weapons” your opponent will use against you in the war for IT security. In your own words, describe the characteristics of two of the Attack tools discussed in the text and explain how you would protect against them.
You have just taken on the role of the senior IT security engineer for an art gallery that wants to start selling their works on-line. The CEO wants to understand the gallery’s current state of IT security before authorizing Internet sales to begin. You will first need to define a security audit plan. List and describe the eight audit data collection methods presented in the textbook.
Widgets Incorporated’s computer network was recently attacked. The Chief Information Officer (CIO) wants IT to implement a log management system to allow them to monitor suspicious activities. You have been hired to implement a security plan. Discuss what log management is, how it is used, how it can be used to provide stronger security. Explain any advantages or disadvantages of using this approach.