Security Management Policy Essay
Security Management Policy Essay
Description
ORDER A PLAGIARISM FREE PAPER NOW
Don't use plagiarized sources. Get Your Custom Essay on
Security Management Policy Essay
Just from $15/Page
- What are three risks and threats of the User Domain?
- Why do organizations have acceptable use policies (AUPs)?
- Can Internet use and e-mail use policies be covered in an acceptable use policy?
- Do compliance laws, such as the Health Insurance Portability and Accountability Act (HIPAA) or GLBA, play a role in AUP definition?
- Why is an acceptable use policy not a fail-safe means of mitigating risks and threats within the User Domain?
- Will the AUP apply to all levels of the organization? Why or why not?
- When should an AUP be implemented and how?
- Why would an organization want to align its policies with existing compliance requirements?
- In which domain of the seven domains of a typical IT infrastructure would an acceptable use policy (AUP) reside? How does an AUP help mitigate the risks commonly found with employees and authorized users of an organization’s IT infrastructure?
- Why must an organization have an acceptable use policy (AUP) even for nonemployees, such as contractors, consultants, and other third parties?
- What security controls can be deployed to monitor and mitigate users from accessing external Web sites that could potentially be in violation of an AUP?
- What security controls can be deployed to monitor and mitigate users from accessing external webmail systems and services (for example, Hotmail®, GmailTM, Yahoo!®, etc.)?
- Should an organization terminate the employment of an employee if he/she violates an AUP?Crafting an Organization-Wide Security Management Policy for Acceptable Use Assignment Questions & Answers 1. What are three risks and threats of the User Domain? 2. Why do organizations have acceptable use policies (AUPs)? 3. Can Internet use and e-mail use policies be covered in an acceptable use policy? 4. Do compliance laws, such as the Health Insurance Portability and Accountability Act (HIPAA) or GLBA, play a role in AUP definition? 5. Why is an acceptable use policy not a fail-safe means of mitigating risks and threats within the User Domain? 6. Will the AUP apply to all levels of the organization? Why or why not? 7. When should an AUP be implemented and how? 8. Why would an organization want to align its policies with existing compliance requirements? 9. In which domain of the seven domains of a typical IT infrastructure would an acceptable use policy (AUP) reside? How does an AUP help mitigate the risks commonly found with employees and authorized users of an organization’s IT infrastructure? 10. Why must an organization have an acceptable use policy (AUP) even for nonemployees, such as contractors, consultants, and other third parties? 11. What security controls can be deployed to monitor and mitigate users from accessing external Web sites that could potentially be in violation of an AUP? 12. What security controls can be deployed to monitor and mitigate users from accessing external webmail systems and services (for example, Hotmail®, GmailTM, Yahoo!®, etc.)? 13. Should an organization terminate the employment of an employee if he/she violates an AUP?
Purchase answer to see full attachment
