Question 004:
Q:
What should you do if you find abandoned or lost media such as floppy disks, CD-ROMs, or USB Flash Drives in or around the reception area or outside of the building?
A:
By all means, NEVER put the media into your computer! Submit the media to your Network Security or IT department so that they may safely inspect the data on the drive without risk of the company's network being exposed to malicious programs, worms, or viruses which may be present on the media.
Risk:
Multiple risks apply to found media. In addition to the possibility of the media containing viruses or worms which could
infect and spread through your company's network from the inside,
Social Engineers are now using this technique to plant trojan horse applications within companies to harvest and transmit
sensitive information from the inside of the company. Social Engineers employing this technique rely on unsuspecting employees who are irresponsible enough to insert untrusted media they find on the street, in the elevator, or in the parking lot directly into their company workstations without first inspecting it securely.
Question derived from:
http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1
|
