Lecture 4-1

Play an AI-generated podcast conversation about this lesson

Why is security policy a living document?

As it needs to be revised and updated, regularly or on-demand.

What are the characteristics of policy? List and explain at least two of them.

It sets high-level expectation to guide decisions and achieve outcomes. It is for all participants so it cannot be too technical. It must be enforced by a proper authority.

Define security policy.

A security policy is a set of rules and criteria that outline how to protect information and ensure secure system behavior. It defines the objectives and constraints for a security program.

What should be included in a security policy?

Security policies should include industry standards, procedures and guidelines, these are necessary to avoid information risk in daily operations, and a well-defined scope that states whether the policy applies to a certain group of people or everyone reading it including contractors. Signup and view all the answers

What is the most important item the standard should provide?

The standard document must provide enough technical details to give an accurate and detailed explanation of requirements to the relevant personnel such as security engineers or security management officers. Signup and view all the answers

What is the most important item the guidelines should provide?

Guidelines must be aligned with the policy and standard documents. Guidelines are usually written to give more specific details with practical examples such as best practices. Signup and view all the answers

What are the differences between policy, procedure, standards and guidelines?

Policies: Think of "Policies" as the "What" and "Why" — What needs to be done and why it's important. Procedures: Think of "Procedures" as the "How" — How to accomplish the policy. Standards: Think of "Standards" as the "Musts" — Specific rules that must be followed. Guidelines: Think of "Guidelines" as the "Suggestions" — Advice that can help but isn't mandatory. Signup and view all the answers

As a cybersecurity analysist, how would you educate your colleagues about the importance of security?

The training will be conducted in line with the company's and let them know the consequences of not following them, give them real world examples of the dangers of security breach, give them well written text and rich visual elements as training materials and let them go through practices. For example, the user can interact with the computer to identify spear phishing or a fake social media campaign. Signup and view all the answers

What is group policy and why was it created?

Group Policy is a feature that centrally controls the working environment of user accounts and computer accounts. It was created to overcome the problem with the Windows registry Registry is similar to a login script that stores program and system settings. A change in registry is permanent. If the user has a new job title, a different registry is needed. Group policy makes this change easy: Group policy is able to reverse any previous configuration made for that user. Signup and view all the answers

When a policy enforcement is based on a network architecture, what should be considered? List at least four of them.

When a policy enforcement is based on a network architecture, what servers an organization has, how the information flows, where the information is stored, who has and who should have data access should be considered. Signup and view all the answers

What do Domain, OU and GPO mean in Active Directory?

Domain: A collection of Objects within Active Directory network. OUs (Organizational Units): A subdomain which is a container for Objects. Using OUs, an administrator can create hierarchy that reflects the structure of the organization. Group Policy Object (GPO): A collection of settings that define what a system will look like and how it will behave for a defined group of users. Signup and view all the answers

What are the important group policy settings for preventing security breaches?

<ol> <li> Limit Control Panel Access: <ul> <li>Prevents non-admin users from changing system settings.</li> </ul> </li> <li> Disable LAN Manager Hash Storage: <ul> <li>Prevents pass-the-hash attacks by not storing vulnerable hash types.</li> </ul> </li> <li> Restrict Command Prompt Access: <ul> <li>Prevents users from running high-level commands that could bypass security measures.</li> </ul> </li> <li> Disable Forced System Restarts: <ul> <li>Protects against losing important settings and unsaved work.</li> </ul> </li> <li> Block Removable Media Drives: <ul> <li>Prevents the use of DVDs and CDs, which are prone to malware and viruses.</li> </ul> </li> <li> Restrict Software Installations: <ul> <li>Prevents the installation of potentially harmful applications.</li> </ul> </li> <li> Disable Guest Account: <ul> <li>Stops attackers from using the guest account to access the computer.</li> </ul> </li> <li> Increase Minimum Password Length: <ul> <li>Admin passwords: at least 15 characters.</li> <li>Regular user passwords: at least 12 characters.</li> </ul> </li> <li> Reduce Maximum Password Age: <ul> <li>Require password changes every 42 days.</li> </ul> </li> <li> Disable Anonymous SID Enumeration: </li> </ol> <ul> <li>Prevents users from identifying important system users and groups through SID queries.</li> </ul> Signup and view all the answers