Premium Essay

Lab 3 Assessment Questions Is3350

In:

Submitted By Dozier97
Words 649
Pages 3
1. Did CardSystems Solutions break any federal or state laws?
• Federal Trade Commission presented a decision order on CardSystems Solutions and its predecessors as a result of negligence and violation of FTC Act 15, U.S.C. 41-58.
2. CardSystems Solutions claim to have a hired an auditor to assess compliance with PCI DSS and other best practices for ensuring the C-I-A of privacy data for credit card transaction processing. Assuming the auditor did indeed perform a PCI DSS security compliance assessment, what is your assessment of the auditor’s findings?
• If compliant they would have implemented proper IP s firewalls or maintained their anti-virus program definitions. Also they were required to encrypt all stored sensitive privacy data for research.
3. Can CardSystems sue the auditor for not performing his or her tasks and deliverables with accuracy? Do you recommend that CardSystems Solutions pursue this avenue?
• No because they were PCI DSS compliant in 2004 but was not certifiably compliant at the time of attack in June of 2005.
4. Who do you think is negligent in this case study and why?
• CardSystems. Given their high profile, they were expected to be in compliance for properly storing and protecting all privacy data including gathered transactions and credit card information of their cliental in an encrypted manner.
5. Do the actions of the CardSystems warrant an “unfair trade practice” designation as stated by the Federal Trade Commission (FTC)?
• Yes, because the cliental trust in good faith at the fact that their information will not be compromised in the possession of the company. If the company was not compliant then all sensitive data was put at risk.
6. What security policies do you recommend to help with monitoring, enforcing, and ensuring PCI DSS compliance?
• Gramm-Leach-Briley Act (GLBA), Payment Card Industry Standards (PCI),

Similar Documents

Free Essay

It Computer

...test√1, Windows Security Features. Chapter 1; Chapter 2. 2, Secure Access Control. Chapter 3. Lab 1; Assignment 1. 3, Windows Encryption. Chapter 4. IS 3340 - Windows Security - ITT Tech Flint Study Resources www.coursehero.com/sitemap/schools/1177-ITT.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security...

Words: 287 - Pages: 2