SEC 6060 Week 3 Case Study

.docx

School

Wilmington University *

*We aren’t endorsed by this school

Course

6060

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

5

Uploaded by Admys

Report
Running head: Need for Standards in Cyber Security 1 Week 3 - Case Study Need For Standards in Cyber Security Wilmington University SEC-6060: Incident Handling and Response September 14 th , 2022 What happened during this case?
Need for Standards in Cyber Security 2 Administrators of the state court of Iowa contracted Coalfire Labs, a security firm, to examine the judicial court's security system. Penetration testers Gary DeMercurio and Justin Wynn are employed by Coalfire Labs to test the security of judicial courts, and they are infiltrated to impersonate workers and contractors in accordance with the contract. They used pretexts to get physical access to the facilities, and they used those features to gain access to prohibited regions. Force-opening doors or securing the entry area cannot be construed as an attempt to disable the alarm system. According to the contractor, both guys entered the courthouse to test the security at the Dallas courthouse, where an audible set off alarms was set up and then waited onsite for police according to rules. During the case study, the police accused them of being criminals, and the proceedings are in progress. (Goodin, 2019). What laws were broken? The laws which are broken in the case study are Trying to get access to the courthouse at an unexpected time to test the physical security Outside of business hours, the testers did not inform the official members that they were investigating physical security (Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security, 2020). What did Coalfire do right? Workers of Coalfire entered the courthouse outside of working hours to test the physical security and to satisfy the needs of the client employees of Coalfire behaved in this manner. Coalfire workers waited for police to explain the situation since they were performing their job, but cops suspected them and grabbed them regardless (Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security, 2020). What do you think Coalfire did wrong?
Need for Standards in Cyber Security 3 Following the conclusion of the contract between the members of the court and coalfire, the members of the jury who established the contract should be with the workers when they arrive at work. Without either of them, coalfire carried out the requirements and faced complications. It would be preferable if employees carried out their duties in the presence of the current official members who signed the contract. There will be no more such abuses, and the workers will be safe (Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security, 2020). What were the legal issues facing both Coalfire and their employees? Employees of coalfire have been arrested on suspicion of breaking and entering and have been charged with felony third-degree burglary and possessing burglary tools. The judicial branch authorities stated that they did not expect coalfire to do physical penetration testing outside of business hours. These are the challenges that coalfire and its employees confront (Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security, 2020). Who was really at risk? Employees of coalfire are at risk because of the official members of the judicial court's response, and to avoid those potential problems, the company's owners should inform customers. Coalfire workers believed that they were under contract for work and that they could do anything they wanted until the work was completed, so they went to the courts after hours, knowing that their jobs were in danger (Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security, 2020). Research and find various penetration "services." Please list at least two examples of the legal process used by pen testers to "assure" customers that "Coalfire won't happen here."
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help