True or False? Regarding policy violations, a consequence model is intended to be punitive for individuals.
Blog
Bill is promoted to a position that has an elevated level of…
Bill is promoted to a position that has an elevated level of trust. He started with the organization in an entry-level position, and then moved to a supervisory position and finally to a managerial role. This role entails that the employee trains other employees and has a deep understanding of how the department functions. Which of the following actions should be taken that provide adequate access for Bill without making him a target of suspicious activity?
Regarding the Target breach in 2013, significant weaknesses…
Regarding the Target breach in 2013, significant weaknesses in the information security framework and its related controls were present. Which of the following likely did not play a role in the Target breach?
True or False? The dollars spent for security measures to co…
True or False? The dollars spent for security measures to control or contain losses should never be less than the estimated dollar loss if something goes wrong.
Which of the following provides temporary elevated access to…
Which of the following provides temporary elevated access to unprivileged users?
An acceptable use policy (AUP) defines the intended uses of…
An acceptable use policy (AUP) defines the intended uses of computers and networks. This policy delimits unacceptable uses and the consequences for policy violation. Which of the following is not likely to be found in an AUP?
It is recommended that systems administrators analyze logs t…
It is recommended that systems administrators analyze logs to determine if the logs have been altered because monitoring can deter risk. To serve this goal, a __________ can be used to assemble logs from platforms throughout a network.
Aside from human user types, there are nonhuman user groups….
Aside from human user types, there are nonhuman user groups. Known as account types, __________ are implemented by the system to support automated services, and __________ are accounts that remain nonhuman until individuals are assigned access and can use them to recover a system following a major outage.
A best practice for User Domain policies is to employ ______…
A best practice for User Domain policies is to employ __________ as the preferred means of mitigating threats.
True or False? The chief information security officer (CISO)…
True or False? The chief information security officer (CISO) is responsible for the development of the framework for IT security policies, standards, and guidelines.