Question

David Doe is a network administrator for the ABC Company. David is passed over for promotion three times. He is quite vocal in his dissatisfaction with this situation. In fact, he begins to express negative opinions about the organization in general. Eventually, David quits and begins his own consulting business. Six months after David’s departure, it is discovered that a good deal of the ABC Company’s research has suddenly been duplicated by a competitor. Executives at ABC suspect that David Doe has done some consulting work for this competitor and may have passed on sensitive data. However, in the interim since David left, his computer has been formatted and reassigned to another person. ABC has no evidence that David Doe did anything wrong.
1. What steps might have been taken to detect David’s alleged industrial espionage?

2. What steps might have been taken to prevent his perpetrating such an offense?

Answer 1

Answer:

1 - Monitoring the data coming in and out of the companies network and limiting the amount of sensitive information or completely blocking it with a rattrap firewall or any other network monitoring device.

2 - Creating a windows system image (if it were to be a windows device) and saving it in a closed location with a disk only capable of writing without reading.

Explanation: