Shuying Wu

ITS 370

Chapter 1

Exercises

4. Using the Web, find a large company or government agency that is familiar to you or located in your area. Try to find the name of the chief executive officer (CEO), the CIO, and the CISO. Which was easiest to find? Which was hardest?

Doug McMillon is the CEO of Walmart Inc, the CIO is Clay Johnson, and lastly the CISO is Jerry R. Geisler III. The CEO was easiest and the CISO was harder as you might not know if he is the current.

5. Using the Web, find out more about Kevin Mitnick. What did he do? Who caught him?  Write a short summary of his activities and explain why he is infamous.

Kevin Mitnick is currently a computer security consulter, author, and ethical hacker. He runs the security firm Mitnick Security Consulting, LLC which helps test company’s security strengths, weaknesses, and potential loopholes. He is also the Chief Hacking Officer of the security awareness training company KnowBe4, as well as an active advisory board member at Zimperium, a firm that develops a mobile intrusion prevention system. He hacked into companies developing OS software and phone company. The FBI caught him. He got famous by his books, the controversial of the case, and use of social engineering.

Case Exercises

1.Q. Do you think this event was caused by an insider or outsider? Explain your answer.

A. I believe the event was caused by an outsider. The virus seems to inject on a host computer then send emails containing copies of the virus to email contacts, making the virus widespread. Since attachments need to be opened for the virus to infect a computer, it makes the most sense that it came from an outside source.

2. Q. Other than installing virus and worm control software, what can SLS do to prepare for the next incident?

A. SLS can increase its user’s awareness of viruses and take preventative measures. Users should not open attachments from sources they aren’t sure of the sources. USB Thumb drives, CDs and other medication also contain viruses. By creating an awareness of sources of infection, risk can greatly be lowered.

3.Q. Do you think this attack was the result of a virus or a worm? Explain your answer.

A. This attack was the result of “virus”. I think result of the attack may be virus because the stack identified is a security problem which can be caused by a virus but not by worm.

Ethical Decision Making

1.     Would it be ethical for Amy to open such a file?

No, it wouldn’t be ethical to open such file. The email is not showing the exact message.

2.     If such an e-mail came in, what would be the best action to take?

The best possible action for such e-mail is sending the reply to that e-mail confirming about it.