Explain the importance of policies to organizational security Flashcards

1
Q

Personnel

A
Acceptable use policy
Job rotation
Mandatory vacation
Separation of duties
Least privilege
Clean desk space
Background checks
Non-disclosure agreement (NDA)
Social media analysis
Onboarding
Offboarding
User training
2
Q

Acceptable use policy

A
3
Q

Job rotation

A
4
Q

Mandatory vacation

A
5
Q

Separation of duties

A
6
Q

Least privilege

A
7
Q

Clean desk space

A
8
Q

Clean desk space

A
9
Q

Background checks

A
10
Q

Non-disclosure agreement (NDA)

A
11
Q

Social media analysis

A
12
Q

Onboarding

A
13
Q

Offboarding

A
14
Q

User training

A

Gamification
Capture the flag
Phishing campaigns

15
Q

Gamification

A
16
Q

Capture the flag

A
17
Q

Phishing campaigns

A

Phishing simulations
Computer-based training (CBT)
Role-based training

18
Q

Phishing simulations

A
19
Q

Computer-based training (CBT)

A
20
Q

Role-based training

A
21
Q

Diversity of training techniques

A
22
Q

Third-party risk management

A
Vendors
Supply chain
Business partners
Service level agreement (SLA)
Memorandum of understanding (MOU)
Master services agreement (MSA)
Business partnership agreement (BPA)
End of life (EOL)
End of service life (EOSL)
NDA
23
Q

Vendor

A
24
Q

Supply chain

A
25
Q

Business partners

A
26
Q

Service level agreement (SLA)

A
27
Q

Memorandum of understanding (MOU)

A
28
Q

Master services agreement (MSA)

A
29
Q

Business partnership agreement (BPA)

A
30
Q

End of life (EOL)

A
31
Q

End of service life (EOSL)

A
32
Q

NDA

A
33
Q

Data

A

Classification
Governance
Retention

34
Q

Classification

A
35
Q

Governance

A
36
Q

Retention

A
37
Q

Credential policies

A
Personnel
Third-party
Devices
Service accounts
Administrator/root accounts
38
Q

Personnel

A
39
Q

Third-party

A
40
Q

Devices

A
41
Q

Service accounts

A
42
Q

Administrator/root accounts

A
43
Q

Organizational policies

A

Change management
Change control
Asset management

44
Q

Change management

A
45
Q

Change control

A
46
Q

Asset management

A