40.4 Information Security and Privacy Flashcards Preview

Sgt Study GUI > 40.4 Information Security and Privacy > Flashcards

Flashcards in 40.4 Information Security and Privacy Deck (33)
Loading flashcards...
1
Q

Employees shall obtain _____ _____ prior to using personally-owned computers or electronic devices (i.e., USB/flash drives, portable hard drives, smart phones, tablets) for work-related activities.

A

departmental approval

2
Q

What form shall be used when requesting use of technology outside of state issued equipment or specific internet access?

A

CHP 109

3
Q

It is the responsibility of _____ ____ to protect these assets and take a proactive role in preserving CHP data and associated computer resources/equipment.

A

every user

4
Q

Only the _____ __ _____ _____, with the approval of the Department ISO, has the authority to approve the ongoing monitoring of a specific account

A

Office of Internal Affairs

5
Q

Employees who receive inappropriate e-mail through the departmental e-mail system shall immediately forward the e-mail to their respective ________ for investigation and resolution. After forwarding an inappropriate e-mail, employees shall delete the e-mail from their respective account.

A

commander

6
Q

Employees should consider all postings on such sites as ______, whether or not they have marked the site as private, locked, etc., due to the possibility of third parties importing parts of the site into the public domain

A

Public

7
Q

Short term access to wireless network for visitors could be granted. Temp accounts could be made. This access lasts for ___ ________ day(s) and ending at ____ hours.

A

one business, 1700

8
Q

With the exception of employees who have been trained and designated as ‘Information Officers’ by Office of Community Outreach and Media Relations, maintenance of a social network site and/or social media while on duty is prohibited, as well as off-duty
postings that may cause discredit to the Department, and unauthorized posting of Department badges, uniforms, emblems, etc. (refer to Chapter 16 of this manual). Also, due to the possibility that, once posted, pictures, video recordings, and other images of CHP peace officers may exist in cyberspace forever, CHP peace officer employees should be aware that such postings could make them ineligible for specialized positions where anonymity is required. In addition, due to potential personal and professional ramifications of such postings, CHP employees are advised that they should obtain permission from the CHP peace officers who are in the image prior to posting photographs, videos, or any image of CHP peace officers on the Internet, whether or not identified as a peace officer.

A

That one was a fun fact

9
Q

Be advised that the Department ____ hold employees responsible for all postings on their Web sites or social network/media, and ____ take disciplinary action, up to and including dismissal, if any employee misuses CHP materials and/or images of uniformed CHP peace officers

A

will, may

10
Q

A ____ is an unwanted computer program that copies itself into other programs. After running an infected program, the code in the virus executes and replicates itself. Computer viruses often delete information or cause systems to malfunction. Viruses may activate when a program executes, or may wait to execute until a specific date or activity occurs.

A

virus

11
Q

_______ have the ability to self-replicate with no user action necessary, and do not need to attach to other applications.

A

worms

12
Q

______ horses are concealed in programs which appear useful to a user but in fact
contain hostile code which facilitates unauthorized access to resources on the
computer by hackers.

A

trojan

13
Q

A _______ is an infection designed to conceal the fact that it has been installed, which can hide from common protection methods, may appear as a Trojan horse to entice a user to run it, and may contain backdoors to grant remote code execution ability by hackers.

A

rootkit

14
Q

________ secretly collects personal information about a user for use by hostile parties and can include key loggers, popup advertisements, or Web redirectors.
Adware typically downloads and displays advertisements which can appear legitimate but can have malicious intent, such as installing ______ (same answer as first blank.

A

spyware

15
Q

All files received ________ be scanned for viruses prior to storage on the network or
transfer to another employee.

A

shall

16
Q

Scanning Files. Files to be scanned shall first be saved to either portable storage media or a desktop computer’s_______. The virus scan will be executed from the desktop computer. If and when the files are verified to be virus-free, the files may be stored on the network or transferred to other employees.

A

hard disk

17
Q

Reports of computer virus threats, hoaxes, or Trojan horse programs shall be
____________ reported to the Department ISO.

A

immediately

18
Q

What Government code states in essence CLETS is for official business?

A

15153

19
Q

A preliminary record check ____ be performed on any person prior to their approval as a “ride-along” with a law enforcement officer or “sit-along” with a CLETS operator, provided that person is not an employee of the law enforcement agency

A

may

20
Q

All employees will read and sign the______ , Appropriate Use of Automated Information & Systems Statement.

A

CHP 101

21
Q

How often is CLETS training required?

A

beinnually

22
Q

What are the four recognized user access recognized DOJ in regards to CLETS?

A

Full Access Operator, Less than full access operator, Practitioner, and Administrator

23
Q

Administrator access to CLETS applies to?

A

LT and above and Managers II and above

24
Q

Laptop computer users must attach their laptop to the network and login at regular intervals (at least every ____ ____) in order to update the virus software definitions

A

60 days

25
Q

The Emergency Notification Tactical Alert Center (ENTACT) is designed to be a statewide notification center for emergency incidents, including natural disaster, civil disturbance, terror-ism, the protection of the state infrastructure, and other incidents. The ENTAC is available ____ hours a day, _____ days a week, to receive reports

A

24, 7

26
Q

Commanders shall ensure that all computer security-related incidents including lost, stolen, damaged, and destroyed state-owned or state-leased equipment or data are reported ________ and documented appropriately

A

immediately

27
Q

Who is the OPI for all IT incidents?

A

IMD

28
Q

The use of social media falls within two fundamental categories:

A

Obtaining information and performing research.

(2) Sharing or posting official agency information; a two-way flow of information.

29
Q

ENFORCEMENT. Any employee found to have violated this policy may be subject to disciplinary action, up to and including _________ ___ ________

A

termination of employment

30
Q

For purposes of MDC. A user is defined as an

A

officer or sergeant

31
Q

It is recommended that the CFS is used to share files greater than _____ megabytes in size.

A

10

32
Q

In regards to OneDrive cloud, the current file storage limit is _____ gigabytes per user

A

50

33
Q

All files shared via file share automatically expire after ____ days.

A

30