5.3 Importance of policies to organizational security Flashcards

1
Q

Personnel security: what is an AUP?

A

An Acceptable Use Policy covers how the internet, telephones, computers, etc. should be used

2
Q

Personnel security: why is an AUP important?

A

To set up a framework and limit legal liability

3
Q

Personnel security: what is least privilege?

A

Rights and permissions should be set to the bare minimum for a user. All user accounts must be limited

4
Q

Personnel security: what is a background check?

A

Pre-employment screening to verify the applicant’s claims

5
Q

Personnel security: what is an NDA?

A

A Non-Disclosure Agreement is a confidentiality agreement to prevent the use and dissemination of confidential info

6
Q

3rd party management: why is 3rd party management important in security?

A

You can get malware via 3rd party systems

7
Q

3rd party management: what should you do before engaging with a 3rd party?

A

Assess the IT systems supporting the operation, evaluate the coordination between the 2 parties, document the business process changes

8
Q

3rd party management: what can be included in a contract?

A
  • SLA
  • MOU: Memorandum of Understanding = both sides agree on the content
  • MSA: measurement system analysis
  • BPA: business partnership agreement
  • NDA: confidentiality agreement
9
Q

Managing data: what is data governance?

A

Rules, processes and accountability associated with an organization’s data

10
Q

Managing data: what is data classification?

A

Identify data types to associate governance controls to the classification levels

11
Q

Managing data: what is data retention?

A

Keep files that change frequently for version control & legal requirements

E.g. recover from a virus infection

12
Q

Credential policies: where should passwords be stored?

A

On the server side, never on the client side

13
Q

Credential policies: how should passwords be communicated across the network?

A

By using encryption

14
Q

Credential policies: how to manage 3rd party accounts?

A

Add an additional layer of security: MFA, audit the security posture of the 3rd party, don’t allow account sharing

15
Q

Organizational policies: why is change management important?

A

Change is one of the most common risks in the enterprise, so a clear policy on how to make changes must exist (upgrade software, change firewall config, modify switch port)
