Policies and Procedures Flashcards
What documented procedures determine the appropriate course of action if there is a security breach?
Security Procedures
Physical security, document security and network security are all covered in what policy?
The Security Policy
What might government agencies that work with confidential information require from you before granting a contract?
Your security certified by external auditors
Which organization certifies the functionality of security products?
ICSA (Institute of Chartered Secretaries and Administrators)
Recording equipment like cell phones shouldn’t be prohibited in a security policy, TRUE or FALSE?
FALSE
Ensuring that employees understand the implications of installing pirated software would be included in what policy?
Security Policy
What do international export controls ensure a company does?
1) ensure a company follows all laws and regulations regarding the import/export of software
What should a company do to ensure export controls aren’t violated?
Implement controls to ensure employees don’t accidentally violate them.
At what two points should you inform users of the security policy?
1) When they join
2) When they connect to an application/service
How should monitors be placed?
So that visitors or people looking through windows can’t see them. Use privacy screens if necessary.
How often should you review and audit network security?
at least once a year
Is it OK to allow several users to share a network account to access a shared mailbox?
No. Assign each user's network account the privileges to access the desired mailbox.
Guards should receive periodic training to make sure they can recognize a threat and take appropriate action. TRUE or FALSE?
TRUE
What policy document would you refer an employee to if they inadvertently installed a wireless access point?
The acceptable usage policy
What does a security procedure define?
How to respond to a security event that happens on your network
What to do when someone has locked themselves out of their account.
How to properly install or remove software.
What to do if files on a server suddenly disappear.
Actions to take if there is a physical emergency.
What to do when a network computer has a virus.
These are all examples of what?
Security procedures
When giving security training to system admins, what important piece of information should they know?
understand the correct ways to escalate
What are the 3 countermeasures when it comes to dealing with data remanence (data remanence = residual data)?
1) clearing
2) purging
3) destruction
Special forensic techniques can recover cleared data. TRUE or FALSE?
TRUE
What countermeasure prevents data recovery even with advanced forensic techniques?
Purging/Sanitization
List 4 types of data destruction techniques
1) Overwriting
2) Degaussing
3) Encryption
4) Physical Destruction
What should security professionals research for destroying data on solid state drives?
Sanitization commands
What destruction method could you use for cloud-based information?
Encryption
List 6 types of motion detection
1) Infra-red - heat
2) Electromechanical - circuit break
3) Photoelectric
4) Acoustic detection (sensitive, watch for false alarms)
5) Wave motion - generates wave pattern
6) Capacitance - uses magnetic field
What can help support a proper asset management plan and simplifies maintaining accurate records?
tagging assets
What are the most important types of system updates?
Anti-malware updates
List the 3 advantages of using a cloud-based anti-malware service
1) they allow access to the latest malware data within minutes of the cloud antivirus learning about it
2) they eliminate the need to continually update your software
3) requires little processing power
List 3 disadvantages of cloud-based anti-malware
1) they can’t run in the background
2) they may only scan core files
3) internet connection dependent
What 3 things do definition files/databases list?
1) Viruses and Types
2) Virus footprints
3) How to remove them
What 3 things does the virus engine do?
1) runs virus scans
2) cleans the files
3) notifies people
Scanning for viruses without a known definition is known as what?
Heuristic scanning
What are the 3 key steps in updating anti-virus components?
1) upgrade the anti-virus software
2) update the definitions
3) perform scans
In what 3 scenarios would you perform an On-Demand Scan?
1) when you first install the anti-virus
2) when you upgrade the anti-virus software
3) when you suspect a virus outbreak
NOTE: be sure you have the latest virus definitions before an on-demand scan
What type of scan would you perform if a virus had totally taken control of your machine?
Emergency Scan
What do you need to perform an emergency scan?
the anti-virus emergency boot disk
What 6 steps should you take to fix an infected computer?
1) first scan all potentially affected internal and external disks
2) establish cleaning station and quarantine area
3) stop users using machines in infected area
4) remove external memory devices and scan on cleaning station
5) update virus definitions on computers still operational
6) do full scans on all computers in the office
What does the Institute of Chartered Secretaries and Administrators do regarding security?
They certify the functionality of security products