You are presented with a list of some risks and threats associated with the seven domains of a typical IT infrastructure. Below the list, the solutions or preventive actions to manage those risks and threats are listed.
Write the letter of the correct solution or preventative action in the blank to the right of each risk or threat.
Risks or threats:c
1. Violation of a security policy by a user _c______
2. Disgruntled employee sabotage ___K_____
3. Download of non-business videos using the
Internet to an employer-owned computer _A_______
4. Malware infection of a user’s laptop __L_____
5. Unauthorized physical access to the LAN __d______
6. LAN server operating system vulnerabilities _f_______
7. Download of unknown file types from unknown sources by local users _b_______
8. Errors and weaknesses of network router, firewall, and network
appliance configuration file __h______
9. WAN eavesdropping __i______
10. WAN Denial of Service (DoS) or Distributed Denial of
Service (DDoS) attacks ____G____
11. Confidential data compromised remotely __M______
12. Mobile worker token stolen __N______
13. Corrupt or lost data _e_______
14. Downtime of customer database ___J_____
Solutions or preventative actions:
A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.
d. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.
d. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
d. Apply filters on exterior Internet Protocol (IP) stateful firewalls and IP router WAN interfaces.
d. Implement daily data backups and off-site data storage for monthly data archiving. Define data recovery...