Reply To: OCU ISSO D Week 03 Lesson 12 Discussion

Kelly Crooks

I choose a compromise from within. This kind of threat happens when users with certain privileges misuse those permissions. A compromise form within is the unauthorized disclosure, modification, substitution, or use of sensitive data, or the unauthorized modification of a security-related system, device, or process to gain unauthorized access.

I chose this kind of system threat because I feel that having unauthorized access to data can not only harm the organization it was stolen from, but other people, nations, and the ones who stole the information. Take the leaked or stolen information from the Pentagon that the young serviceman took. He had access and security clearance to that information. He was not only trusted by the Pentagon but by top military officials as well. Whatever his reasons were he decided to steal that information, take it home and copy it and then share it on the internet. I think this kind of threat can harm an organization because it comes from trusted individuals that are working for the organization. Unless that individual shows signs of strange behavior or is asking a lot of questions, an organization might never see the threat coming, let alone expect it.

As a security officer would need to have the right security measures and protocols in place and make sure that they are implemented in the best possible way. Measures such as firewalls, making it so you can’t download or print sensitive material, no personal devices while at work on the job, security cameras, and security training. I would even go as far as checking people’s backpacks, coats, briefcases, etc when leaving a particular organization or government facility.


Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission

error: Alert: Content is protected !!