2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet702/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   698   699   700   701   702   703   704   705   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Sabotage
Employee 
sabotage
is a criminal act of destruction or disruption committed against an 
organization by an employee. It can become a risk if an employee is knowledgeable enough 
about the assets of an organization, has sufficient access to manipulate critical aspects of 
the environment, and has become disgruntled. Employee sabotage occurs most often when 
employees suspect they will be terminated without just cause or if employees retain access 
after being terminated.
This is another important reason employee terminations should be handled swiftly and 
account access should be disabled as soon as possible after the termination. Other safe-
guards against employee sabotage are intensive auditing, monitoring for abnormal or unau-
thorized activity, keeping lines of communication open between employees and managers, 
and properly compensating and recognizing employees for their contributions.
Espionage
Espionage
is the malicious act of gathering proprietary, secret, private, sensitive, or con-
fidential information about an organization. Attackers often commit espionage with the 
intent of disclosing or selling the information to a competitor or other interested organiza-
tion (such as a foreign government). Attackers can be dissatisfied employees, and in some 
cases, employees who are being blackmailed by someone outside the organization.

756
Chapter 17 

Preventing and Responding to Incidents
It can also be committed by a mole or plant placed in the organization to steal informa-
tion for a primary secret employer. In some cases, espionage occurs far from the work-
place, such as at a convention or an event, perpetrated by someone who specifi cally targets 
employees’ mobile assets. 
Countermeasures against espionage are to strictly control access to all nonpublic data, 
thoroughly screen new employee candidates, and effi ciently track all employee activities. 
Many reported cases of espionage are traced back to advanced persistent threats (APTs) 
sponsored by nation-states. APTs are discussed in several chapters of this book, such as 
Chapter 14. One of the ways these attacks are detected is with egress monitoring, or moni-
toring the fl ow of traffi c out of a network.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   698   699   700   701   702   703   704   705   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish