The following is a list of 8 common security problems. For each problem,
describe why it is a problem, and choose a control plan from this chapter
that would prevent or detect the problem from occurring.
A. Criminals posing as small business owners obtained names,
addresses, and social security numbers from an organizati on whose
business is to give such information only to legitimate customers
who have a right to the data.
B. An executive of a financial services firm implements a wireless
network so that she can work at home from anywhere in her house.
After setting up the network, she logs on using the default password.
C. An organization?s top salesman uses a computer grade instant
messaging (IM) client (e.g AOLInstant Messaging). Such clients
bypass antivirus and spam software, don?t have auditing and
logging capabilities, and allow users to choose their IM names.
D. A financial analyst?s laptop was stolen from his car. The laptop
contained the names and social security numbers of 16,500 current
and former employees.
E. To keep track of the passwords used to access various computer
systems, employees create Work documents listing their passwords
and store the document with the name ?passwords.doc?
F. Tapes that included information on 3.9 million credit card customers
were lost in transit to credit bureau. Data included names, social
security numbers, and payment histories.
G. Private and sensitive information is sent to multiple persons via e mail. The e-mails include all addressee names within the email
H. An individual made millions by purchasing bank account
information from eight employees of various banks. He had
approximately 676,000accounts in his database. Some bank
employees were accessing up to 500 customer accounts each week to
obtain the account information that they were selling