2 cissp ® Official Study Guide Eighth Edition


Be able to explain proper termination policies



Download 19,3 Mb.
Pdf ko'rish
bet99/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   95   96   97   98   99   100   101   102   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Be able to explain proper termination policies.
A termination policy defines the proce-
dure for terminating employees. It should include items such as always having a witness, 
disabling the employee’s network access, and performing an exit interview. A termination 
policy should also include escorting the terminated employee off the premises and requiring 
the return of security tokens and badges and company property.
Know how privacy fits into the realm of IT security.
Know the multiple meanings/defini-
tions of privacy, why it is important to protect, and the issues surrounding it, especially in a 
work environment.
Be able to discuss third-party governance of security.
Third-party governance is the sys-
tem of oversight that may be mandated by law, regulation, industry standards, or licensing 
requirements.
Be able to define overall risk management.
The process of identifying factors that could 
damage or disclose data, evaluating those factors in light of data value and countermeasure 
cost, and implementing cost-effective solutions for mitigating or reducing risk is known as 
risk management. By performing risk management, you lay the foundation for reducing risk 
overall.
Understand risk analysis and the key elements involved.
Risk analysis is the process by 
which upper management is provided with details to make decisions about which risks 
are to be mitigated, which should be transferred, and which should be accepted. To fully 
evaluate risks and subsequently take the proper precautions, you must analyze the follow-
ing: assets, asset valuation, threats, vulnerability, exposure, risk, realized risk, safeguards, 
countermeasures, attacks, and breaches.
Know how to evaluate threats.
Threats can originate from numerous sources, including 
IT, humans, and nature. Threat assessment should be performed as a team effort to provide 
the widest range of perspectives. By fully evaluating risks from all angles, you reduce your 
system’s vulnerability.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   95   96   97   98   99   100   101   102   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish