A newly-hired Chief Information Security Officer (CISO) is faced with improving security for a
company with low morale and numerous disgruntled employees. After reviewing the situation for
several weeks the CISO publishes a more comprehensive security policy with associated
standards. Which of the following issues could be addressed through the use of technical controls
specified in the new security policy?
A.
Employees publishing negative information and stories about company management on social
network sites and blogs.
B.
An employee remotely configuring the email server at a relative’s company during work hours.
C.
Employees posting negative comments about the company from personal phones and PDAs.
D.
External parties cloning some of the company’s externally facing web pages and creating lookalike sites.