Homework Help: Questions and Answers: An it company commissions a new software for Human Resources [HR) management. This new software replaces a legacy software used in the organization for around 20 years. Which of the following security practices are important to prevent data leaks during the decommissioning of the legacy HR software? (Select TWO correct options)
a) Build and execute a disposal/transition plan
b) Sanitize media
c) Threat modeling
d) Final security review
Answer:
First, let’s understand what decommissioning software means:
- It’s the process of removing a system from service and replacing it with a new one.
- In this case, we’re replacing a 20-year-old HR software with a new one.
Now, let’s consider the main security concerns when decommissioning software:
- Ensuring all sensitive data is properly handled and not left behind
- Preventing unauthorized access to the old system during and after the transition
- Properly disposing of any hardware that might contain sensitive information
Let’s analyze each option and determine which are correct security practices to prevent data leaks during the decommissioning of legacy HR software.
Given Options: Step by Step Answering
a) Build and execute a disposal/transition plan
- Creating a detailed plan for disposing of or transitioning from the legacy software ensures that all necessary steps are followed to securely handle the data. This includes identifying data that needs to be retained, securely transferring data to the new system, and ensuring that the old system’s data is properly handled.
b) Sanitize media
- Sanitizing media involves securely erasing or destroying data on storage devices that were used by the legacy software. This prevents unauthorized access to sensitive information that may remain on these devices.
c) Threat modeling
- This is a process used to identify and mitigate potential security threats in a system but is not specifically focused on data leaks during decommissioning.
d) Final security review
- While this might be helpful, but it’s not as directly related to preventing data leaks during decommissioning as options a and b.
- It’s more relevant for new systems being put into production.
Final Answer:
Based on the above analysis, the two correct options are
a) Build and execute a disposal/transition plan
b) Sanitize media
These two practices directly address the main security concerns of handling sensitive data and properly disposing of storage media during the decommissioning process.
Learn More: Homework Help
Q. Which of the following is a risk associated with the use of private data?
Q. Which of the following is a key feature of Microsoft’s AI technology?
