Module 11: Security Policies and Laws Flashcards
Why are security policies important
It defines the rules of safeguards, which reduce the risk of personnel injury and property loss
TRUE or FALSE: A security policy helps preventing wastage of a company’s computing resources
TRUE
What are the key elements in a security policy
- Clear Communication
- Brief and Clear Information
- Defined Scope and Applicability
- Enforceable by Law
- Recognizes Areas of Responsibility
- Sufficient Guidance
- Top Management Involvement
Ultimately what do the security policy safeguard
The assets
What vital role does a security policy play
Improving the operational efficiency of an organizational
If an employee commits a violation why is it important to have a security policy
It becomes a point of reference
A good security policy has characteristics that are well defined for a clear understanding. What are some such characteristics
- Implemented and administered through proper channels
- Enforced through sanctions and security tools
- Defined areas of responsibility for users, admins, and management
- Documented, distributed, and communicated
When should a security policy be implemented
After building, revising, and updating of policy statements
TRUE or FALSE: The final security policy should be available to only the upper management and some parts of the organization where it will affect production
FALSE
It should be available to the whole organization
Where should the policy be available to the organization
The internal network
What is an Access Control Policy
It authorizes a group of users to perform a set of actions on a set of resources
TRUE or FALSE: Access Control Policy prevents unauthorized access through managed controls and creates a secure computing environment
TRUE
What are the elements of access control policy
- Access group (group of users to which the policy applies)
- Action group (group of actions performed by the user on resources)
- Resource group (resources controlled by the policy)
- Relationship (Resource class can have a set of relationships associated with it)
What is an Acceptable Use Policy
A policy that defines the proper use of computing resources
According to the Acceptable Use Policy what are the responsibility of the users
To protect the information available in their accounts
What is an Administrative Security Policy
It defines the security and protection requirements for information and information systems
How is the Administrative Security Policy important
- Safeguards valuable or confidential info from unauthorized access
- Eliminates strong legal liability from employees or third parties
- Ensures data availability
- Ensures data integrity and prevents information from unauthorized and undetected tampering of the information
What is an Asset Control Policy
Designed to protect the organizational resources on the network by establishing the policies and procedures
What is created to keep up with all the assets
A tracking database
To track an asset what is assigned to the asset
ID (Internal tracking number)
What is an Audit Trail Policy
A policy that collects all audit trails such as series of records of computer events, about an operating system, an application, or user activities
TRUE or FALSE: As a support for operations, audit trails are used to help system admins ensure that the system or resources have not been harmed by attackers, insiders, or technical problems
TRUE
What are the 4 benefits of audit trails
- Individual Accountability
- Reconstructing Events
- Problem Monitoring
- Intrusion Detection
What is a Logging Policy
Defines which set of system events needs to be logged
TRUE or FALSE: If there are too many logs then it becomes easier to review the logs
FALSE
The logging policy includes what elements in its policy
- Notification procedures
- Guidelines for log review intervals
- Retention standards
- Response time
What does a Documentation Policy
Determines the requirements and procedures for documentation of organization’s operations and resources such as networks and servers.
Why are Evidence Collection Policies important
They are required to provide a legally sound framework for collecting evidence related to a security incident
What is an Evidence Preservation Policy
A policy that determines how to preserve the evidence and maintain them in their original state
TRUE or FALSE: Two copies of the evidence must be maintained. 1 original and 2 backups for testing
TRUE
What type of backups are to be made as they are more through than the standard backups
Bit stream
Why is an Information Security Policy even needed
It lays the foundation for information security within an organization
How does an Information Security Policy help most of all
It helps to ensure that the company follows the CIA with regards to data
What does NIACAP stand for
National Information Assurance Certification & Accreditation Process
What does NIACAP do
Sets up a standard national process, set of activities, general tasks, and a management structure to certify and accredit systems
What is the Physical Security Policy
Establishes rules for granting, control, monitoring, and removal of physical access to information resources and facilities
What type of agreements need to be signed for physical access to information resource facilities
Access and Non-disclosure agreements
According to federal law what must federal agencies in regards to incidents
Federal agencies must report the incidents to the Federal Computer Incident Response Center
TRUE or FALSE: A procedure to monitor the efficiency of the security controls is not part of the computer risk policy
TRUE
TRUE or FALSE: An audit trail policy helps in calculating intangible losses to the organization due to an incident
FALSE
