The new security policy states that only authorized software will be allowed on the corporate network and all personally owned equipment needs to be configured by the IT security staff before being allowed on the network. The security administrator creates standard images with all the required software and proper security controls. These images are required to be loaded on all personally owned equipment prior to connecting to the corporate network. These measures ensure compliance with the new security policy.
Which of the following security risks still needs to be addressed in this scenario?
A . An employee copying gigabytes of personal video files from the employee’s personal laptop to their company desktop to share files.
B . An employee connecting their personal laptop to use a non-company endorsed accounting application that the employee used at a previous company.
C . An employee using a corporate FTP application to transfer customer lists and other proprietary files to an external computer and selling them to a competitor.
D . An employee accidentally infecting the network with a virus by connecting a USB drive to the employee’s personal laptop.
Answer: C
Leave a Reply