General discussion

  • Creator
    Topic
  • #2140482

    Cyber security scenario questions

    by kratos17 ·

    Tags: 

    Hello My cyber security mates/ colleagues!

    please I need assistance with this scenario below:

    This synopsis is intended to present a real world situation where you as a cyber security consultant are asked for your opinion and recommendation to steer a small business in a direction towards a more appropriate and sustainable cybersecurity posture.

    Subject overview:
    (moderated) Inc is a manufacturing organization which designs a chip for use in a video processing and display appliance. They have two office locations, one in California and one in Beijing. The chip design, testing, administration and sales are functions performed in the United States, as well is coordination with a manufacturing prototyping partner. The office in Bejing overseas production manufacturing of the chip inventory through a partner near the office in Beijing. The company has 85 employees in the United States, 30 in China and 15 spread across the globe as regional sales staff.

    Current State:
    (moderated) has received a call from Steve Smith , the COO, stating he got our name from (moderated), LLC, a current customer, and would like to discuss their current security posture and some weird recent activity on the network. During the initial engagement the following items were discussed and observed:
    1.            (moderated) inc feels that they have good security since their Sonicwall firewall is only a couple years old and the AV software is from Symantec, a well-known brand.
    2.            They started using Microsoft 365 last year and feel that move has made their security strategy more sophisticated and next gen capable of dealing with the current cyber threats they face.
    3.            They don’t exactly have a predefined budget for security, but the owner would approve expenses if he could justify them and it was warranted.
    4.            Recently they were presented with an opportunity to partner on a bid for an upcoming project, but the prime was mentioning security compliance and “NIST stuff” that they weren’t too sure about.
    5.            They currently feel they are compliant with partner requirements because they have filled out the questionnaires sent to them and stated they met many of the items.
    6.            Recently they had a few development servers crash out of the blue on the network, but the admins are troubleshooting the problems.
    7.            Last year, just after they setup Microsoft 365, the COO and a couple of the engineering accounts were locked out unexplainably

    Moderator Note: Removed company names to avoid this being spam and leaking company data.

You are posting a reply to: Cyber security scenario questions

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our Community FAQs for details. All submitted content is subject to our Terms of Use.

All Comments

  • Author
    Replies
    • #2414922

      About item 7.

      by rproffitt ·

      In reply to Cyber security scenario questions

      That sounds like the IT staff isn’t up to snuff yet. Because of how:
      1. The Cloud works.
      2. The Great Firewall (China).

      The IT staff shall create backups for when 365 and the Internet connections to/from other countries fail. Sometimes you get unseasoned IT that are a bit too gung ho about the cloud and fail to keep the company running when a cloud service is down.

      For engineering work I’ve been involved with we never let IT near the engineering servers. We do that ourselves and let IT deal with mundane office stuff. We will never allow IT to control these servers as they tend to lock down or move to the cloud without considering we must keep working.

      • #2414921

        PS. Please update your post.

        by rproffitt ·

        In reply to About item 7.

        It shared the scenario but I found no questions.

    • #2414917

      In other words, you don’t have a clue

      by Wizard57M-TR ·

      In reply to Cyber security scenario questions

      “This synopsis is intended to present a real world situation where you as a cyber security consultant are asked for your opinion and recommendation to steer a small business in a direction towards a more appropriate and sustainable cybersecurity posture.”

      Sounds like you were filling out an employment application/questionaire after posting fake credentials and now are looking for the answer…or, you’re taking an exam for credit in some sort of security course.
      Study your coursework assignments.

Viewing 1 reply thread