Security Policies

Which of the following is NOT an area user policies need to cover.

If and when to share passwords

Passwords must always be shared with any person for any reason.

False

Always open email attachments coming from unknown sources.

False

What is the best rule of thumb in access control?

Allow the least access job requirements allow

Logon accounts, VPN, network and any other resources should NOT be disabled for leaving employees.

False

Instant messaging can be used not only for business communication but also for personal communication.

False

Which of the following is NOT an example of a user password policy?

Users may share passwords only with their assistants

What should an employee do if she believes her password has been revealed to another party?

Change her password immediately

Which of the following should be recommended as acceptable e-mail attachments?

Attachments the user expected

Which of the following is the best reason users should be prohibited from installing software?

If a user’s account does not have privileges to install, then it is likely that a Trojan horse will not be inadvertently installed under her account