Chapter 6 Flashcards
What’s the “SETA Program”?
It is an awareness program for reducing accidental security breaches by members of the organization.
What are 3 benefits of “SETA Programs”?
-Improve employee behavior.
-Inform members about where to report policy violations.
-Ability to hold employees accountable for their actions.
How does SETA enhance security? List 3
-Building knowledge to design or use security programs.
-Building knowledge to use IT systems securely.
-Increase awareness of the need for InfoSec.
What’s “Security Training”?
Outsourced training that provides information and hands-on instructions so members can work more securely.
Name and explain the 2 ways for customizing training for users?
1- functional background:
*general.
*managerial.
*technical.
2- Skill level:
*basic.
*intermediate.
*advanced.
Is training done for one or few individuals, rather than large groups?
Yes, because waiting for large groups can cost productivity.
What are “Security awareness programs” and their affects?
- They make members understand the importance of security.
- Reminds user of procedures to be followed.
Name 3 things to do when developing an awareness program:
- Less technical wording.
- Keep things light.
- Plan and document everything.
What is some advice for InfoSec awareness programs:
3 points:
- Speak in a way they can understand.
- They can’t learn what they don’t understand.
- Tell the students what you plan to tell them, then tell it to them, then remind them of what you told them.
Security training may be undermined if…
management does not set a good example.
Name 3 possible security components:
- Videos.
- Posters.
- Lectures and training.
Name 3 types of trinkets:
- Hats.
- Shirts.
- Mugs.
