04. Info Sec Gov: Policies, procedures, guidelines, and frameworks Flashcards

1
Q

Policies, procedures, guidelines, and frameworks

Policies

A
  • Mandatory
  • High level, non-specific

  • May contain patches, updates, strong encryption
  • Will not be specific to OS or encryption type, vendor technology
  • Strategic, typically delivered by C-Level

POLICIES, STANDARDS, GUIDELINES, PROCEDURES

2
Q

Policies, procedures, guidelines, and frameworks

Standards

A
  • Mandatory
  • Specific use of technology

  • For example, all Windows laptops will be Windows 10, 64-bit, 8 GB memory
  • Management level typically involved here
  • Tactical

3
Q

Policies, procedures, guidelines, and frameworks

Guidelines

A
  • Non-Mandatory
  • Recommendations, discretionary

  • Suggests how something could be implemented
  • Tactical

4
Q

Policies, procedures, guidelines, and frameworks

Procedures

A
  • Mandatory
  • Low-level, step-by-step

  • Will contain OS and encryption type, vendor technology
  • Tactical

5
Q

Policies, procedures, guidelines, and frameworks

Baseline

A
  • Mandatory
  • Minimum requirements
6
Q

Policies, procedures, guidelines, and frameworks

Personnel Security

A

Users pose largest security risk

7
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Awareness

A

Change user behaviour

8
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Training

A

Provide users with skillset

9
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Hiring Practices

A

Background checks

10
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Employee Termination Practices

A

Coach and train employees before firing
Coordinate with HR

11
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Vendors, Consultants, Contractors

A
  • Ensure outsiders are trained in how to handle data
  • Their systems need to be secure in accordance with our policy
12
Q

Policies, procedures, guidelines, and frameworks

Personnel Security:
Outsourcing and Offshoring

A
  • A third party doing all or part of your IT work
  • Perform thorough risk analysis
  • Offshoring - may not have to comply with same data protection standards

  • Outsource - someone else close by
  • Offshoring - someone else far away