|Like this CertiGuide? Get it in PDF format!|
Use coupon code "certiguide" to save 20%!
|Need more practice? 300 additional Security+ questions!|
|Get It Here!|
(Page 5 of 5)
You were also made aware of the important
role played by education. In order for users to follow policy, you
need to communicate to them how their interests are served by those
policies, and interact with them to determine how some policies may
make their lives more difficult, and work with them to improve those
policies. User awareness is critical, since employees need to be aware
of policies and significant vulnerabilities (such as viruses and social
engineering attempts) in order to best exercise due care
in the performance of their job duties.
Finally, you learned the importance
of complete, up-to-date documentation, including:
- Standards and Guidelines, specifying the
standards and guidelines your organization/department adhere to.
- Systems Architecture, including network
maps, lists of software installed on systems, configuration printouts,
- Change Documentation, which tracks changes
to system and network configuration over time; not only is this a valuable
history, but it may also be useful if the most recent change broke
something and the administrator who made the change isnt
around to explain what he did.
- Logs and Inventories, documenting equipment
maintenance, backups, etc.; inventories may include asset lists, inventories
of spare parts, available backup media, etc.
- Classification, specifying the sensitivity
of particular types of data and/or systems.
- Notification, who must be notified in
the event of certain events like intrusion detection, theft, disaster,
- Retention/Storage, policies and procedures
for securely storing physical and electronic records, specifying where
they are stored and how long they are kept; this may be partly determined
by industry regulations followed by your organization.
- Destruction, how and when documentation
and other items such as media are destroyed; for high-security installations,
the procedures involved may be complex.
|If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!|
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.