5.1 Explain the importance of policies, plans and procedures related to organizational security.

Question 1

Business Continuity Plan (BCP)

Answer 1

ensures that the business can continue to function should a Natural or man-made disaster happen.

Question 2

Business Partners Agreement (BPA)

Answer 2

Written agreement between two or more entities who join as partners to form and carry on a for-profit business.
(if we are not too busy we will help fulfill their order)

Question 3

Service Level Agreement (SLA)

Answer 3

An agreement that specifies performance requirements for a vendor and outlines MINIMUM levels of support, including in the event of failure or disaster.

Question 4

Interconnection Service Agreement (ISA)

Answer 4

Documents the technical and security requirements for establishing, operating, and maintaining the interconnection.

Question 5

Memorandum of Understanding/Agreement (MOU/MOA )

Answer 5

Defines the terms and conditions for securely sharing data and information resources.
not legally binding
handshake on paper

Question 6

Mandatory Vacations

Answer 6

forced to take a vacation. Also, the company is checking your computer while you’re gone.

Question 7

Job Rotation

Answer 7

Defines intervals at which employees must rotate through positions. provides opportunity to cross train. Also provides an opportunity to discover fraud.

Question 8

Separation of Duties

Answer 8

Prevents collusion and fraud. For instance one person cannot both write and sign a check.

Question 9

Clean Desk

Answer 9

A clean desk policy increases the physical security of data by requiring employees to limit what is on their desk or ON THEIR MONITOR.

Question 10

Background Checks

Answer 10

All potential employees should be thoroughly screened with an extensive background check before being hired and given access to the computer systems.

Question 11

Exit Interviews

Answer 11

The last real opportunity for that communication occurs when an individual leaves the organization and they are given an exit interview.

Question 12

Non–disclosure Agreement (NDA)

Answer 12

A legal contract intended to cover confidentiality. Keep your mouth shut!!

Question 13

Onboarding

Answer 13

The process used to train a new employee and bring them up to speed with the organization, its clients, its products, and so forth is known as onboarding.

can also be used to in the context of getting a new piece of equipment.

Question 14

Acceptable Use Policy/ Rules Of Behavior (AUP)

Answer 14

Describe how the employees in an organization can use company systems and resources, both software and hardware.

Question 15

Which of the following agreements contains the technical information regarding the technical and security requirements of the interconnection between two or more organizations?
A. BPA
B. MOA
C. ISA
D. MOU

Answer 15

C. ISA

Question 16

A policy that limits what is visible in an employees work space in known a what?
A. Clean Desk Policy
B. Acceptable use Policy
C. Clean Workspace Policy
D. Privacy Policy

Answer 16

A. Clean Desk Policy

Question 17

Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization?
A. Separation of duties
B. Acceptable use
C. Least privilege
D. Physical access control

Answer 17

A. Separation of duties