Reference no: EM132194296
EXAM QUESTIONS
The first three essay questions are based on the following hypothetical, which is the same as the hypothetical from before with a few relevant changes.
Hypothetical
PolticsCureCoTM has been in business for quite some time and has been a successful company. The company specializes in drugs and therapies to cure anxieties and unresolved anger caused by actions/lack of actions by politicians and elected officials and coping strategies in toxic political environments. Politicians and elected officials themselves use the various drugs of the company to survive or even thrive in their chosen profession. PolticsCureCo's products include StonewallaTMandFilibusteraTM.
The company is in the process of introducing a new slogan, "Just Do It and Make Cure Great Again." to motivate their users. They are also in the process of coming up with a new drug, to be introduced asImpeachra. Both the new slogan and the plan to introduce the new drug are highly sensitive and company confidential information. A political junkie magazine PoliticsJunkie, has, however,revealed about these plans of PoliticsCureCo in their latest issue. PolticsCureCo was furious about this.
When they contacted PoliticsJunkie about this, PoliticsJunkieridiculed them stating that it was easy to find out this information because information about both projects were available tomany in the organization, but they would not release their sources or how they obtained the information.
1. The CEO is very concerned about PoliticsJunkie's learning about PoliticsCureCo's secret plans (both about the new slogan and about the drugImpeachra) and she has ordered you to conduct a full investigation to identify the root cause of the incident. Ever since PoliticsJunkie disclosed the plans, the CEO has been facing extensive scrutiny from the Board of Directors. The CEO has asked you to send her an e-mail with your incident response strategy, preferably outlined in bullet point format so she could use the e-mail as talking points for updating the Board of Directors. The CEO is essentially asking you to outline the objectives of your forensic investigation and the steps you plan to take. As you know by now, the CEO is very busy and she does not like long e-mails. Keep your response to 300 words or less.
2. The initial forensics investigation has led to the determination that PoliticsJunkie has hacked into PoliticsCureCo systems and obtained the sensitive information about the slogan and the drug Impeachra.The CEO has asked you to describe in 300 words or less what, if any, crime PoliticsJunkie has committed and what steps could be taken to ensure that any forensic evidence collected can be admissible in court.
3. Assume one year has passed. The drugImpeachrahas been brought into the market after a short trial. A website that reviews new anxiety drug products has allowed consumers to post reviews of Impeachra. The reviews have generally been negative, with one consumer stating that PoliticsCureCois filled with a bunch of fake scientists with PhDs from fake universities, who just copied the formula for Valium. While the CEO (and so are many reviewers in the industry know or the allegations are ridiculous), she asked you to summarize in 300 words or less whether PoliticsCureCo can hold the website legally liable for theunflattering posts on their site.
4. Attacking the Attacker: As the CISO, you detect an incident in progress on your company's computer network and you determine the external source of the attack. Should you "hack back?" What are the issues involved?