Kate Rohde

ITS 370

Chapter 4 Homework



2.     Search the Web for Security education and training programs in your area. Keep a list and see which category has the most examples. See If you can determine the costs associated with each example. Which do you think would be more cost-effective in terms of both time and money?

a.     From what I could find in the Duluth and Superior area the cheapest and most time effective program was provided at the College of Lake Superior. Tuition would cost about $7000 for a full year of full time classes and one can complete their cyber security program in that year.


5.     Classify each of the following occurrences as an incident or disaster. If an occurrence is a disaster, determine whether business continuity plans would be called into play. Describe the steps necessary to restore operations. Indicate whether law enforcement would be involved.

a.     A hacker breaks into the company network and deletes files from a server.

                                                           i.     Incident, continuity plans would definitely be put into play, so back up files would need to be used to keep business flowing and sLaw enforcement would be called in to determine the hacker if possible.

b.     A fire breaks out in the storeroom and sets off sprinklers on that floor. Some computers are damaged, but the fire is contained.

                                                           i.     Disaster, continuity plans would not be needed since the damage was mostly under control and law enforcement would not be needed. The only action needed would be figuring out how to replace the computers and prevent the fire from breaking out again by updating the businesses continuity plan as well.

c.      A tornado hits a local power station, and the company will be without power for three to five days.

                                                           i.     Disaster, continuity plans would need to be put into effect since the company will need to figure out a way to compensate for the losses for those couple days. No law enforcement would be needed. The company could look into backup generators for now and in the future for disasters such as these, since power outage can be a fairly common.

d.     Employees go on strike, and the company could be without critical workers for weeks.

                                                           i.     Incident, continuity plans would need to be put into place since the required workers are not doing their work. To restore operations the simplest solution is to give into the strike demands and get the workers back to work right away. If the strike gets violent then law enforcement will be needed however employees do have the right to strike.

e.      A disgruntled employee takes a critical server home, sneaking it out after hours.

                                                           i.     Incident, since the employee took a server home, they will need to put continuity plans into place to keep business flowing. Law enforcement would need to come into play to solve the theft.


Case Exercises:


           Discussion Questions:

1.     What would be the first note you wrote down if you were Charlie?

f.      Make sure the off-site back-ups were up to date and regularly backing up critical information.


2.     What else should be on Charlie’s list?

g.     Test the off-site back up tapes. Back up his circuit specs off-site. Bring the continuity up to date.


3.     Suppose Charlie encountered resistance to his plans to improve continuity planning. What appeals could he use to sway opinions?

h.     Show them what the losses could do, which means potentially the company would shut down.


           Ethical Decision Making:


§  Setting aside any legal requirements that SLS making its policies conform to French law, does SLS have an ethical imperative to modify its policies to better meet the needs of its stakeholders in the new country?

o   Yes, they should modify policies to meet the needs of their stakeholders but make sure with their changes they are not cheating out the stakeholders back in the original country the company started in.


§  Is SLS under any ethical burden to offer the same benefits to employees in its original country?

o   As I said before with the changes, they make they need to make sure they are not cheating the original stakeholders out. They could offer in the original country if they so choose. It is very reliant on the new modifications they will need to make and how durastic they are.