Operational Procedures: Explain the importance of prohibited content/activity and privacy, licensing, and policy concepts. Flashcards

CompTIA A+ 220-1102 Exam Criteria

1
Q

What type of incident do we need to look for?

A

an event that disrupts normal business operations

The context is prohibited content in the workplace: gambling, adult sites, etc.

2
Q

What is an incident response plan?

A

Incident Response Plans

Documented plan outlining the steps to take following the discovery and confirmation of an incident.

3
Q

What is an incident response procedure?

A

Preparation

Training

Practice drills (mock data breaches)

Ensuring all resources are approved and funded

4
Q

What happens in the event of an incident, before carrying out the procedure?

A

Identification

Determining if there is a breach (violation of a security policy)

5
Q

What comes after Containment?

A

Containment

Data preservation (Drive seizure or copying)

Data integrity

Chain of Custody – evidence chain of custody form

6
Q

What follows after containment?

A

Eradication (only for other types of breaches)

Determine root cause of breach

Malware removal

7
Q

After containment, what must you follow up on doing?

A

Recovery

Reintroduce affected systems into production environment

Reimaging, restore from backup

Continuous Monitoring

8
Q

To complete the whole incident procedure, what must we record after recovery?

A

Lessons Learned

Discuss the breach

What has the incident response team learned after the IRP was implemented?

What can the team do better next time?

9
Q

What does an open-source license allow you to do?

A

An open-source license allows you to modify an application’s source code, creating a customized version of the software. Most open-source software is available for free, and the software publisher generates revenue through service contracts, technical support, and add-on features. Some examples of open-source operating systems are Chrome OS and Android.

10
Q

What does DRM mean?

A

Digital Rights Management (DRM) controls how users may consume, install, store, or otherwise interact with copyrighted material they have purchased, such as e-books and digital music files.

11
Q

Personal Use License vs. Corporate Use Licenses

A

A personal use license is meant to be used by an individual. A single personal license may allow you to install the software on one or more systems. For example, Office 365 is a subscription-based software that can be installed on five systems at one time.

Corporate use licenses are meant to be used within organizations. Individual users use them but only for business purposes on their laptops or desktops. Organizations fund corporate licenses for users.

12
Q

What is a EULA?

A

EULA
A EULA is an End User License Agreement. Each piece of software, whether enterprise or commercial, comes with a EULA, which states how an end user should use the software. For example, a EULA may state that the software is meant only for personal purposes and cannot be used for commercial use.

There are two types of EULA:

Shrink wrap: These are placed on the software boxes. The user would consent to the EULA by breaking the shrink wrap.
Clickwrap: These are built within the software. The user must accept the EULA to use the software. These are also found on websites. For example, you would accept the EULA, and then you can access the online services being offered on the website.

13
Q

What is a Commercial License?

A

For a commercial license, the source code is closed and proprietary to the developer, and not available for modification. Some examples of commercially-licensed operating systems are Microsoft’s Windows and Apple’s iOS.

14
Q

What is an enterprise license?

A

Enterprise licenses are geared towards larger companies that need to install the software on hundreds or thousands of machines. Enterprise licenses are less expensive than personal licenses for each installation, although the overall price will be much higher because of the high volume of licenses that will be purchased. An enterprise license is typically granted for a commercial application. Some open source operating systems have licenses, but most of them do not.

Within any given company, many devices, programs, and applications require licenses for an organization to legally own and use their services. As an organization grows, it can become cumbersome to manage these licenses, but doing so is important to prevent any legal trouble or fines. Your organization should implement routine license monitoring to ensure that every license in use is valid or due to expire. The IT department should keep careful track of all licensed resources, including software and hardware, and should manage those licenses to ensure that services are not interrupted.

15
Q

What happens to an expired license vs non-expired license?

A

An expired license, even for a service or application that you purchased, means that the organization or system is no longer authorized to use the application. Continuing to use the application after license expiration could result in legal and security issues. Legal issues arise when the organization no longer has rights to use the software, and security issues arise when the organization can no longer use the vendor’s licensed services to update the software. A non-expired license means the organization can still use the software and obtain regular updates from the software vendor.

16
Q

Why do data retention requirements exist?

A

Data retention requirements exist for certain types of sensitive data or records, for example, sensitive data being processed by a computer system, stored on media, or accessed by a person. While organizations can create their own data retention policy, they must also adhere to a number of data retention laws, especially if these organizations operate within regulated industries and compliance laws.

17
Q

What does PII consist of?

A

Personally Identifiable Information (PII) is information that defines you as an individual. PII can be an individual’s race, name, date and place of birth, biometric, medical, financial, or employment information, social security number (SSN), phone number, address, etc. This information, along with credit card numbers and personal government-issued information, can be used in identity theft, when a person impersonates you.

18
Q

Why is GDPR so important?

A

General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) is a new compliance standard started in the EU. Personal information no longer used must be removed by the company. Companies can be fined if they store required information only but cannot justify why they have the personal information.

19
Q

What is PHI?

A

Protected Health Information (PHI)
Protected Health Information (PHI) is any information that can be used to identify an individual. This information is created, used, or disclosed while providing health care services, such as a diagnosis or treatment. This information, along with medical records, conversations between doctors and nurses about treatment, billing information, and any patient-identifiable information, are all available in a health insurance company’s computer system.

In the US, PHI is protected through the Health Insurance Portability and Accountability Act (HIPAA). Any covered provider who handles your PHI must meet HIPAA’s requirements for data security and privacy, including health insurance companies and third-party healthcare providers like billing services and outpatient providers.

20
Q

What is PCI compliance?

A

Payment Card Industry (PCI) compliance is associated with electronic commerce, and how websites handle your credit card information.