CHAPTER SUMMARY

You learned in this chapter how to break up policies into seven domains. You examined each of the domains to learn why they exist, looked at related business concerns, and learned how to mitigate common risks. Security policies have to be aligned to the business. Most important, security policies can highlight regulatory and leading practice to guide the business in controlling these risks.

This chapter examined the changing nature of business through technologies such as wireless and handheld devices. You read about the differences between access methods such as RBAC and ABAC. It is important that security policies keep pace with changing technologies. You also saw what happens when security policies are not effective, as when more than 4.2 billion customer records were exposed in 2019. You should better understand the expanding role of the LAN to establish global connectivity through WANs. You also learned about techniques that keep this communication protected and private, such as VPN. Finally, you learned about the importance of having a DLP program defined in your security policies and about the drivers for DLP, including BYOD programs. DLP programs help organizations reduce the likelihood of data loss.

KEY CONCEPTS AND TERMS

CHAPTER 4 ASSESSMENT

  1. Private WANs must be encrypted at all times.
    1. True
    2. False
  2. Which of the following attempts to identify where sensitive data is currently stored?
    1. Data leakage protection inventory
    2. DLP encryption key
    3. Data loss protection perimeter
    4. DLP trojans
  3. Voice over Internet Protocol (VoIP) can be used over which of the following?
    1. LAN
    2. WAN
    3. Both
    4. Neither
  4. Which of the following is not one of the seven domains of typical IT infrastructure?
    1. Remote Access domain
    2. LAN domain
    3. World Area Network domain
    4. System/Application domain
  5. Which of the seven domains refers to the technical infrastructure that connects the organization’s LAN to a WAN and allows end users to surf the Internet?
  6. One key difference between RBAC and ABAC is which of the following?
    1. ABAC is dynamic, and RBAC is static.
    2. ABAC is static, and RBAC is dynamic.
    3. No difference; these are just different terms to mean the same thing.
  7. A ________ is a term that refers to a network that limits what computers can say and how they are able to talk to each other.
  8. A LAN is efficient for connecting computers within an office or groups of buildings.
    1. True
    2. False
  9. What policy generally requires that employees lock up all documents and digital media at the end of a workday and when not in use?
    1. Acceptable use policy
    2. Clean desk policy
    3. Privacy policy
    4. Walk out policy
  10. What employees learn in awareness training influences them more than what they see within their department.
    1. True
    2. False
  11. What kind of workstation management refers to knowing what software is installed?
    1. Inventory management
    2. Patch management
    3. Security management
    4. Discovery management
  12. Always applying the most strict authentication method is the best way to protect the business and ensure achievement of goals.
    1. True
    2. False
  13. Generally, remote authentication provides which of the following?
    1. Fewer controls than if you were in the office
    2. The same controls as if you were in the office
    3. More controls than if you were in the office
    4. Less need for controls than in the office
  14. Remote access does not have to be encrypted if strong authentication is used.
    1. True
    2. False
  15. Where is a DMZ usually located?
    1. Inside the private LAN
    2. Within the WAN
    3. Between the private LAN and public WAN
    4. Within the mail server
  16. Dedicated network devices whose only function is to create and manage VPN traffic are called VPN ________.
  17. What is a botnet?
    1. A piece of software the end user loads onto a device to prevent intrusion
    2. A piece of software a company loads onto a device to monitor its employees
    3. A piece of software a hacker loads onto a device without user knowledge
    4. A piece of software used to communicate between peers
  18. The minimum standard in authentication for businesses is the use of ________.

