Information Systems Security Strategies
ASSIGNMENT 1
RESPOND TO QUESTIONS 1 AND 2 WITH AT LEAST 50 WORDS EACH
- What does CISSP stand for? Use the Internet to identify the ethical rules CISSP holders have agreed to follow.
- Using the resources available in your library, find out what laws your state has passed to prosecute computer crime.
ASSIGNMENT 2
RESPOND TO QUESTIONS 1 AND 2 WITH AT LEAST 50 WORDS EACH
- Using a Web browser go to www. eff. org. What are the current top concerns of this organization?
- Using the ethical scenarios presented in the chapter, finish each of the incomplete statements, and bring your answers to class to compare them with those of your peers.
ASSIGNMENT 3
RESPOND TO CASE STUDIES WITH AT LEAST 3 SENTENCES EACH QUESTION
CASE STUDY 1
Iris called the company security hotline. The hotline was an anonymous way to report any suspicious activity or abuse of company policy, although Iris chose to identify herself. The next morning, she was called to a meeting with an investigator from corporate security, which led to more meetings with others in corporate security, and then finally a meeting with the director of human resources and Gladys Williams, the CIO of SLS.
- Why was Iris justified in determining who the owner of the CD was?
- Should Iris have approached Henry directly, or was the hotline the most effective way to take action? Why do you think so?
- Should Iris have placed the CD back at the coffee station and forgotten the whole thing? Explain why that action would have been ethical or unethical.
CASE STUDY 2
As Charlie wrapped up the meeting, he ticked off a few key reminders for everyone involved in the asset identification project. “ Okay, everyone, before we finish, please remember that you should try to make your asset lists complete, but be sure to focus your attention on the more valuable assets first. Also, remember that we evaluate our assets based on business impact to profitability first, and then economic cost of replacement. Make sure you check with me about any questions that come up. We will schedule our next meeting in two weeks, so please have your draft inventories ready.”
- Did Charlie effectively organize the work before the meeting? Why or why not? Make a list of the important issues you think should be covered by the work plan. For each issue, provide a short explanation.
- Will the company get useful information from the team it has assembled? Why or why not?