Question

In: Computer Science

A finance company has a database of customer documentation, including application forms containing a substantial amount...

  1. A finance company has a database of customer documentation, including application forms containing a substantial amount of personally identifiable information (PII). The database contains the records of over 10,000 customers. The database is only accessible from inside the network of the company – it is not directly exposed to the Internet. (15 marks total)

    1. Suggest a suitable data classification for this information held by this database and explain why this classification is appropriate.

    2. Suggest one threat actor, and why they might want to compromise these data.

    3. Suggest one preventative security control that might be used to mitigate a threat against these data. Briefly explain how the control reduces the threat of the data being compromised.

Solutions

Expert Solution

Sol:

***

A restricted data classification will be suitable for this information. Why because the data are highly confidential and private. The data should not be accessible to no one outside. Hence This type of data classification will be suitable.

***

Cyber criminals are example for threat actor . The main objective of this actor is nothing but stealing confidential and private data from the company and sell it for other company for money.

***

Data encryption is one of the usefull preventative security control that will help to mitigate the data theft issue . If the data are stongly encrypted it is very dificult to decrypt and read it unless if you dont have the encryption key . This method have wide range of benefits and one of the very effective way to protect the data also.


Related Solutions

A finance company has a database of customer documentation, including application forms containing a substantial amount...
A finance company has a database of customer documentation, including application forms containing a substantial amount of personally identifiable information (PII). The database contains the records of over 10,000 customers. The database is only accessible from inside the network of the company – it is not directly exposed to the Internet. i. Suggest a suitable data classification for this information held by this database and explain why this classification is appropriate.   ii. Suggest one threat actor, and why they might...
Suppose your company has built a database application that runs on a centralized database, but even...
Suppose your company has built a database application that runs on a centralized database, but even with a high-end computer and appropriate indices created on the data, the system is not able to handle the transaction load, leading to slow processing of queries. What would be some of your options to allow the application to handle the transaction load?
unctional Requirements  Design a Windows Forms Application for a movie database providing appropriate controls for...
unctional Requirements  Design a Windows Forms Application for a movie database providing appropriate controls for the following data:  Movie Name  ISBN13 Number (optional)  Release Date  Location (Canadian OR International)  Genre (Action, Biography, Comedy, Drama, Educational, History, Horror, Musical, Mystery, Romance, Sci-Fi, Thriller OR Western)  Rating (1 to 5 stars)  Duration (in minutes)  Price  Support loading and saving of the data for multiple movies to a Sequential Text file  Display...
Consider a database containing information about all the car accidents between 1997 and 2005, including the...
Consider a database containing information about all the car accidents between 1997 and 2005, including the cars involved and their owners. The database has the following tables: Car (license, year, make, model); Accident (license, accident date, damage_amount zipcode); Owner (SSN, license, name, address, zipcode); // zipcode in Accident is the place where accident took place // assume that the same car does not get into an accident twice in a day // assume each owner has only one licensed car...
Carson company has obtained substantial loans from finance companies and commercial banks. The interest rate on...
Carson company has obtained substantial loans from finance companies and commercial banks. The interest rate on loans is tied to market interest rates and is adjusted every six months. Because of its expectations of a strong US economy, Carson plans to grow in the future by expanding its business and making acquisitions. It expects that it will need substantial loan-term financing and plans to borrow additional funds through loans or by issuing bonds. It is also considering stock to raise...
Bling-Bling Jewellery Company Limited (“BB”) has been engaging in selling jewellery. It keeps a substantial amount...
Bling-Bling Jewellery Company Limited (“BB”) has been engaging in selling jewellery. It keeps a substantial amount of gem stones as inventory. The gem stones are recognized as raw material in the financial statements, and the amount of the gem stones is considered as material for the financial statements. Lee, Wong & Partners (“Lee Wong”) is the auditor of BB for its financial statements for the year ended 31 December 2020. Michael Lau, the CFO of BB, understands that Lee Wong...
For the given database schema. Answer the following questions. Company Database customer(cust_id, name, address) product(product_id, product_name,...
For the given database schema. Answer the following questions. Company Database customer(cust_id, name, address) product(product_id, product_name, price, quantity) transaction(trans_id, cust_id, time_date) product_trans(product_id, trans_id) Identify the primary keys and foreign keys for the relations and specify at least two different types of integrity constraints that would be applicable for different relations given.
Prompt Ortelere, a retired teacher, has built up a substantial amount of funds in her retirement...
Prompt Ortelere, a retired teacher, has built up a substantial amount of funds in her retirement plan before she retired because of "involutional psychosis" (a form of mental illness). She has previously specified that a lowered monthly retirement benefit would be paid to her so that her husband would get some benefit from the retirement plan if she died before he did.  After her mental problems began, she changed her payout plan and borrowed from the pension fund (....ok, lady, you're...
1. The amount of money spent by a customer at a discount store has a mean...
1. The amount of money spent by a customer at a discount store has a mean of $100 and a standard deviation of $30. What is the probability that a randomly selected group of 50 shoppers will spend a total of more than $5700? (Hint: The total will be more than $5700 when the sample average exceeds what value?) (Round the answer to four decimal places.) P(total > 5700) =   2. Five students visiting the student health center for a...
Week 16 E-businesses tend to store vast amount of customer data including emails, DOBs, Credit card...
Week 16 E-businesses tend to store vast amount of customer data including emails, DOBs, Credit card information, and other critical personal information. It is important that such businesses spend the required budget on security to protect customer data. In the past several years, many companies have been hacked and millions of customers’ data have been compromised. List two e-businesses whose data have been compromised due to the lack of a robust secure system to protect customers. List and elaborate. BUS...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT