Case Study: Q-Drugs

ESSENCE OF THE CASE

  • How would you begin the investigation?

  • Given the situation, would you continue to monitor the employee or stop her activity immediately?

  • Which investigative techniques could be used to successfully prove or disprove the activities of the employee?

SCENARIO

You work in the IT department for a large pharmaceutical company and are the security investigator for computer incidents. You have received a call from a manager who suspects an employee of accessing highly sensitive documents and possibly copying them. You have been asked to investigate this possibility.

Several incidents have occurred recently to raise the suspicion of the manager of the suspected employee. On several occasions, the manager has observed ...

Get Security+ Training Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial