6.4 - Protection Measures to mitigate information breaches in information security Flashcards

1
Q

Policies

A

Leaders of organisations set policies for staff to follow.

Security policies set out how breaches should be addressed and how IT equipment should be used securely.

Staff need to be TRAINED in how to follow the policies

2
Q

What is Staff Access Rights and what is the principle?

A

Setting out who should be able to view what

Principle: Access should be limited to only those who need it. Using tiered levels of access means fewer mistakes are made.

3
Q

Responsibilities of staff - what is it & provide some policy examples.

A

The expectations on how to use the IT securely.

A policy could be:
  • Set complex passwords - the policy should say what it means by a complex password
  • Encrypt all personal data - the policy should say how to do that
  • Don’t write down logins on notes - and explain why
  • Don’t use USB sticks - to prevent malware being introduced to the computers and personal data being taken from them
4
Q

Risk Assessments

A

Regular checks (every month) on the CURRENT RISKS and how READY the organisation is to defend against these risks.

HIGH RISK - lots of issues/likely

5
Q

Effectiveness of Protection Measures

A
  • Reviewing current measures
  • May set out when and how the current measures are tested.
6
Q

Disaster Recovery Plan
- what is it and what should it include?

A

Setting out what steps are needed following a major incident.

Should include:
  • Who is responsible for what: who will lead
  • Dos and Don’ts for staff. (Do: back up data.) (Don’t: talk to the media, so that they don’t learn about the breach.)
  • Contingencies: alternative provisions (e.g. temporary office, uploading data to cloud storage, using alternative equipment until it’s over)
  • Expectations for backing up: when it should be done, and what the timeline for data recovery is
7
Q

After disaster

A

Recovery measures by doing backups

Replacement of hardware - purchased to replace equipment that is corrupted or destroyed

Reinstall software on new hardware

Updating and improving the policies
