The new security policy states that only authorized software will be allowed on the corporate
network and all personally owned equipment needs to be configured by the IT security staff before
being allowed on the network. The security administrator creates standard images with all the
required software and proper security controls. These images are required to be loaded on all
personally owned equipment prior to connecting to the corporate network. These measures
ensure compliance with the new security policy. Which of the following security risks still needs to
be addressed in this scenario?
A.
An employee copying gigabytes of personal video files from the employee’s personal laptop to
their company desktop to share files.
B.
An employee connecting their personal laptop to use a non-company endorsed accounting
application that the employee used at a previous company.
C.
An employee using a corporate FTP application to transfer customer lists and other proprietary
files to an external computer and selling them to a competitor.
D.
An employee accidentally infecting the network with a virus by connecting a USB drive to the
employee’s personal laptop.