TutorialWeek10_Ans-1

TutorialWeek10_Ans-1 - ITC482 Computer Management Security Tutorial Week 10 Solutions

Tutorial Week 10 - Solutions

Week 10: Personnel and Security

Review Questions

1. When an organization undertakes an information security-driven review of job descriptions, which job descriptions must be reviewed? Which IT jobs not directly associated with information security should be reviewed?

Answer: All jobs should be reviewed, regardless of whether they are directly related to IT or not.

2. List and describe the criteria for selecting information security personnel.

Answer: Understand the organization, recognize IS is a management task, work well with people, acknowledge the role of policy in guiding security efforts, understand the essential role of SETA, perceive threats facing an organization, understand technical controls, demonstrate familiarity with the mainstream technologies, understand IT and InfoSec terminology and concepts.

3. What are some of the factors that influence an organization's hiring decisions?

Answer: One factor that may influence an organization's hiring decisions is whether or not the person applying for the job has any certifications. Another factor may be the amount of experience the person has acquired over time. The person's background check may also influence an organization's hiring decisions.

4. What attributes do organizations seek in a candidate when hiring information security professionals? Prioritize this list of attributes and justify your ranking.

Answer: Experience, credentials, hiring issues, and background checks. Experience is the most important element with credentials being preferred, and hiring issues and background checks are important but less than experience and credentials.

5. What are the critical issues that management must consider when dismissing an employee? Do these issues change based on whether the departure is friendly or hostile?

Answer: When dismissing an employee, management must consider the following:

- the former employee's access to the organization's systems must be disabled
- the former employee must return all removable media
- the former employee's hard drives must be secured
- file cabinet locks must be changed
- office door locks must be changed
- the former employee's keycard access must be revoked
- the former employee's personal effects must be removed from the premises
- the former employee should be escorted from the premises, once keys, keycards, and other business property have been turned over

Many organizations conduct an exit interview to remind the employee of any contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure at the organization.

Whether or not the departure is friendly or hostile can completely change the way in which the situation is handled. A hostile departure will be handled with tighter security while a friendly departure is often handled with

This note was uploaded on 02/15/2010 for the course ITC 594 taught by Professor Peterdalmaris during the Three '10 term at Charles Sturt University.
