E6. Make a list of current sources for information security alerts and up-to-dat

Question

E6. Make a list of current sources for information security alerts and up-to-date reports on new security vulnerabilities. In particular, locate CERT, the CVE, and the SANS Internet Storm Center. Provide a URL for each. Are there other significant sources of information security alerts? [10 pts]

E7. Check your computer's documentation or Help facility to find out how to produce a list of processes. Display a list of running processes, preferably one that lists processes run by other users and by the system itself. Print the list. Use a highlighter to mark the processes directly belonging to you. [10 pts]

E14. Table 2.7 lists five security policy statements. Compare the statements against the five properties of properly formed policy statements. For each statement, indicate which properties the statement fails to fulfill, if any. [10 pts]

Explanation / Answer

E 14: A security policy should fulfill many purposes. It should: protect people and information; set the rules for expected behaviour by users, system administrators, management, and security personnel; authorize security personnel to monitor, probe, and investigate; define and authorize the consequences of violation; define the company consensus baseline stance on security; help minimize risk; and help track compliance with regulations and legislation.

Basic Purpose of Policy

A security policy should fulfil many purposes.

It should:

Related Questions

Navigate

• Browse (All)
• Browse E
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.