Related Essays

  • Security Policy

    What is security policy? we will talk about security policy and what's the mean, “What is security policy"? The policy is a form of documentation that is c...

  • IT Security Policy

    The policy should be clear and concise so the target audience can understand it (“The IT Security Policy Guide”, n.d., pg. 5). A security policy should have...

  • Plankton Games: Security Policies

    The security policies should outline what employees are expected of in regards to complying with the security policies and the consequences

  • The Importance Of Auditing IT Controls

    It 's been my experience that many organizations underestimate the importance of well-planned and well written policies and procedures in their push towards ...

  • Information Security Policy

    Information security policy refers to measures taken by a company in an attempt to control the behavior of the labor force. The policy ensures that no inappr...

  • Nstissi 4011 Security Model: A Case Study

    Lastly, the education and training must be taken place to public the policies and guide the usage of appropriate applications to all employees and partners. ...

  • Senior Project Managers Need To Maintain Control Of The Railway System

    The safety policy statement should be communicated and made available to all staff using the appropriate channel (formal communication, newsletter, intranet,...

  • Acceptable Use Policy Vs Security Policy

    In order to understand the differences between a security policy and an acceptable use policy we must understand the how each one is define in our textbook. ...

  • Information Security Policy Analysis

    1. Discuss the purpose of an Information Security Policy and how it fits into an effective information security architecture. Your discussion should include ...

  • Justification Of Disaster Response Protocols

    The review of policies and procedures are to ensure that they are up to date with the latest assurance plan. The policies and procedures are what governs how...

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/10

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

10 Cards in this Set

  • Front
  • Back

What is a Security Policy?

A document that is made up of many sub documents that defines the company's security strategy.
What are the parts of the Security Policy?
  1. Overview: Defines purpose
  2. Scope: Whom it applies to
  3. Policy: Largest section Do's and Don'ts
  4. Enforcement: results of non-compliance
  5. Definitions
  6. Revision History: starts with creation date

What are the three types of policies?
  1. Standard: Needs to be followed
  2. Guidelines: Recommendations
  3. Procedures: step-by-step instructions

What is Personal Identifiable Information (PII)?

Any information that can uniquely identify a person. SS#, Driver's License#... This information must be protected at all times.

Security Control is used to?

Identify any mechanism that is used to protect an asset within the organization i.e. firewalls, antivirus software and ACLs.

Name two popular policies that affect users?
  1. Acceptable Use Policy (AUP)
  2. Password policy

Name five considerations when creating Password Policies.
  1. Minimum Password Length:
  2. Password History:
  3. Maximum Password Age: max time for PW
  4. Minimum Password Age: min time B4 chg
  5. Password Complexity:

What is a Service Level Agreement (SLA)? What does it specify?

It is an agreement, between your company and any service provider. The maximum amount of downtime that is allowed for assets such as Internet and e-mail.

Name 8 other types of polices
  • Remote Access and VPN
  • Incident Response
  • Firewall and Physical Security
  • Audit, Software and Backup

What is PII?

PII is Personal Identifiable Information