Chapter 11 Flashcards
What are Security Policies?
- Written documents that outline the security plans within a company.
- Administrative controls used to reduce and manage risks.
What are Personnel Policies?
Policies that relate to issues around staff and their behaviors, expectations, and the consequences if they do not follow them.
What is the Acceptable Use Policy?
- AUP (Acronym)
- Policy that determines how users will use the computers, network, and other company resources.
What is the Privacy Policy?
The Privacy Policy clarifies the company's stance on whether or not user activity on a company device will be private. Can be a part of the AUP. Users usually have to sign it.
What are Mandatory Vacations?
Personnel policy that forces users to take leave from work. Also used to help identify and deter potential theft or fraud.
What is Separation of Duties?
Personnel policy used to keep one employee or entity from having too much access, which can increase the potential of fraud, theft, errors, and/or system failures.
What is Least Privilege?
Personnel policy which states that a user should only have the rights, access, and permissions to perform their job and nothing more.
What is Job Rotation?
Job Rotation is a Personnel policy which requires employees to change positions within a set time period. The period can be recurring. Used to identify fraudulent activity.
What is a Clean Desk Space policy?
Personnel policy that requires users to keep their work spaces organized and clean. Used to prevent data loss and unauthorized disclosure through easy access to files and devices left out in the open.
What is a Background Check?
Personnel Policy that requires the company to do a history check on current and potential employees. Can include criminal history, online/social media history, and/or financial history, to name a few.
What is Onboarding / Off-boarding?
Onboarding is the process of bringing an employee into a company and providing them access to all the required company resources.
Off-boarding is the process an employee follows to exit a company. It includes disabling and/or deleting their accounts to restrict access to resources and returning their equipment to the company.
What is an NDA?
- (Non-Disclosure Agreement)
- An agreement between two or more parties that requires them not to use or share proprietary information with an unauthorized person or entity.
What is Social Media Analysis?
When a company reviews the online activity of a current or future potential employee.
What is the Supply Chain?
All the elements required to produce and sell products and or services.
What is Vendor Diversity?
When a company reduces risk by using more than one vendor of the same supplies or service, in case a vendor is no longer able to provide said supply or service. This policy may also limit the amount of access vendors have to an org's network.
What is EOL and EOSL?
End of Life (EOL) is basically the shelf life of a product, i.e., the point at which the product will no longer be sold.
End of Service Life (EOSL) indicates when a vendor will no longer provide support to the org. This may include patch or software support.
What is an SLA?
A Service Level Agreement (SLA) outlines the terms, services, and performance expectations a vendor agrees to when working with an org.
What is an MOU?
A Memorandum of Understanding (MOU) is a less formal SLA that outlines the intent of two or more entities to work together to obtain a common goal.
What is a BPA?
A Business Partnership Agreement is a document that outlines the relationship between business partners, including the obligations towards the partnership. It also identifies shares of profit and losses.
What is an MSA?
A Measurement System Analysis (MSA) evaluates the processes and tools used to make measurements. The accuracy of the tool is dependent on the consistency of its results.
What are the elements of the Incident Response Process?
Preparation, identification, containment, eradication, recovery, and lessons learned.
What is SOAR, and what is its main benefit?
SOAR - Security Orchestration, Automation, and Response. These are tools that work together on a platform to automatically detect and respond to suspicious low-level activity. As an automated tool, it frees up administrators' time to focus on greater threats.
What is the difference between a Playbook and a Runbook?
Playbook - provides guidelines or steps in document form to address an incident response.
Runbook - uses the technical know-how to implement the steps provided by the Playbook.
In football, the Playbook is used by coaches to call the play, the Runbook would be the actual players that carry out the plays in real-time.
What is a Chain of Custody and how are Tags used?
A chain of custody is a document that establishes the proper handling of collected evidence from a security incident. This specifically includes the initial use of tagging (stickers or identifier markers used to identify an article of evidence) and identifying the personnel who have been in possession of the evidence, its location while in use, and its storage location. All of this is done to ensure evidence that makes it to court is admissible.
What is a Legal Hold?
A Legal Hold is a court-ordered directive instructing an org to preserve or retain data that is associated with a legal proceeding. The org's data retention policy comes into play, as it identifies how long an org holds on to its data.