Security Program Management and Oversight 5.6

Question 1

Phishing campaigns

Answer 1

users should be aware of how to identify phishing attacks and best practices to follow when a phishing email is seen

How to respond and how to report. Should be able to recognise.
Email filter should be able to prevent phishing emails making it through to the inbox,

Question 2

Anomalous behavior recognition

Answer 2

Risk Behavior - Modifying Host file, Replacing a core OS file, Uploading sensitive files
Unexpected behavior - logging in from another country. increase in data transfers.
Unintentional behavior - Typing in the wrong domain name, misplacing usb drives

Question 3

User training

Answer 3

Security awareness training. Before providing access, train your users.

Question 4

Policy or handbooks

Answer 4

Document all security requirements, provide access online in policy guidelines.

Question 5

Situational awareness

Answer 5

Users should always be looking for threats.

Software attacks, Email links, attachments unusual URLs, text messages, etc.

Question 6

Insider threat

Answer 6

Multiple approvals for critical processes. Monitor files and systems as much as possible.

Question 7

Password Management

Answer 7

Complexity requirements.

Question 8

user guidance and training

Answer 8

Removable media and cables, unknown usb drives can contain malware.

Question 9

Social engineering

Answer 9

Extensive and ongoing training, attackers are very good. The users are your front line defence