Question Answers
Questions Attached
Question 1:
Many recent breaches have involved payment card systems, otherwise known as point-of-sale (POS) terminals. The set of regulations and standards for POS systems is called the Payment Card Industry Data Security Standard (PCI DSS).
Instructions
· Go to Basic Search: Strayer University Online Library to research recent POS breaches from within the last three years and explain, based on your reading in class, what occurred. Be sure to cite your sources and your textbook.
· Explain why you think the breach was or was not preventable, as well as the overall impact the breach had on the business.
· In your opinion, if the breach was preventable and the company is found responsible, should it be given a monetary penalty, or should stricter legal action be taken, such as jail time? Justify your answer.
· Suggest or recommend any tool that could help to maintain compliance.
Question 2:
It is important to test all Web applications for functionality and security. The Rough Auditing Tool for Security (RATS) is an open-source tool used for this purpose; however, it is accompanied by many other new tools.
Instructions
· Read 14 Best Open Source Web Application Vulnerability Scanners.
· After you have reviewed the document, select two of your favorite tools, and compare and contrast the tools and determine the pros and cons for each of them.
· How often should security testing be conducted on a company’s website, and how should they conduct the tests? What will happen if you don’t conduct the tests?
· Is there any benefit to having an outside company conduct the tests? Provide your rationale.