Ch11: Implementing Policies to Mitigate Risks

Question 1

Written security policies are

Answer 1

administrative controls that identify a security plan

Question 2

Personnel create plans and procedures to

Answer 2

implement security controls and enforce the security policies

Question 3

Mandatory vacation policies

Answer 3

require employees to take time away from their job to help deter fraud and discover malicious activities while the employee is away

Question 4

Separation of duties

Answer 4

prevents any single person or entity from controlling all the functions of a critical or sensitive process by dividing the tasks between employees. This helps prevent potential fraud (e.g. single person prints and signs checks)

Question 5

Job rotation policies

Answer 5

require employees to change roles on a regular basis. This helps ensure that employees cannot continue with fraudulent activity indefinitely

Question 6

Clean desk policy

Answer 6

requires users to organize their areas to reduce the risk of possible data theft. Reminds users to secure sensitive data and may include a statement about not writing down passwords

Question 7

Background checks

Answer 7

investigate the history of an individual prior to employment

Question 8

When an individual departs an organization, sometimes a _ is conducted

Answer 8

exit interview

Question 9

Improper use of social networking can result in…

Answer 9

inadvertent information disclosure

Question 10

_ occurs when users install P2P software and unintentionally share files

Answer 10

Data leakage

Question 11

Organizations often block P2P software…

Answer 11

at the firewall

Question 12

MOU/MOA

Answer 12

Memorandum of understanding or memorandum of agreement defines responsibilities of each party, but is not as strict as a SLA (service level agreement) or ISA (interconnection security agreement)

Question 13

If the parties will be handling sensitive data, they should include a…

Answer 13

ISA to ensure strict guidelines are in place to protect the data while in transit

Question 14

A MOU/MOA often supports a..

Answer 14

ISA

Question 15

Public data…

Answer 15

is available to anyone

Question 16

Confidential data…

Answer 16

is kept secret among a certain group of people

Question 17

Proprietary data…

Answer 17

is data related to ownership, such as patents or trade secrets

Question 18

Private data…

Answer 18

is information about individuals that should remain private

Question 19

Data classifications and data labeling help ensure…

Answer 19

personnel apply the proper security controls to protect information

Question 20

Cluster tip wiping

Answer 20

is a special process that removes the random data stored at the end of a file (can sanitize files stored on a system preventing random, possibly proprietary data showing up in this area)

Question 21

Owner

Answer 21

has overall responsibility for protection of data

Question 22

Steward or custodian

Answer 22

handles routine tasks to protect data

Question 23

Privacy officer

Answer 23

an executive responsible for ensuring the organization complies with relevant laws

Question 24

An incident response policy defines

Answer 24

a security incident and incident response procedures

Question 25

Incident response procedures start with

Answer 25

preparation to prepare for and prevent incidents

Question 26

_ allows personnel to analyze the incident and the response with the goal of preventing a future occurence

Answer 26

reviewing lessons learned

Question 27

When collecting data for a forensic analysis, you should…

Answer 27

collect it from the most volatile to the least volatile. Order of volatility is cache, RAM, swap, hard drive, logs on remote systems, archived media

Question 28

Forensic image

Answer 28

bit-by-bit copy of the data that does not modify the data during the capture

Question 29

A chain of custody provides

Answer 29

assurances that evidence has been controlled and handled properly after its collection. It documents who handled the evidence and when they handled it

Question 30

Legal hold

Answer 30

court order to preserve data as evidence

Question 31

Role-based training

Answer 31

ensures that employees receive appropriate training based on their roles in the organization

Question 32

Common roles that require role-based training

Answer 32

data owners, system admins, system owners, end users, privileged users, executive users