1. Violation of a security policy by a user
C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
2. Disgruntled employee sabotage
I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
3. Download of non-business video using the Internet to an employer-owned computer
A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.
4. Malware infection of a user’s laptop
L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection.
5. Unauthorized physical access to the LAN
N. make sure wiring closets, data centers, and computer room are secure. Provide no access without proper credentials.
6. LAN server operating system vulnerabilities
F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments.
7. Download of unknown file types from unknown sources to local users
B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.
8. Errors and weaknesses of network router, firewall, and network appliance configuration file
H. Define a strict zero-day vulnerability window definition. Update devices with security fixes and software patches right away.
9. WAN eavesdropping
M. Use encryption and virtual private network (VPN) tunneling for secure IP communications.
10. WAN Denial of Service (DoS) or Distributed Denial of Service...