Question

1.0 Name three commonly used management security policy areas and describe an example policy for each area.

2.0 Create an outline for a training session to help your team avoid phishing. What would you include in that training session? What are some typical signs that an e-mail might be fraudulent?

Answer 1

`Hey,

Note: In case of any queries, just comment in box I would be very happy to assist all your queries

1)

• Acceptable use policy (AUP): Defines the acceptable use of equipment and computing services, and the appropriate security measures that employees should take to protect the corporate resources and proprietary information.
• Account access request policy: Formalizes the account and access request process within the organization. Users and system administrators who bypass the standard processes for account and access requests may cause legal action against the organization.
• Acquisition assessment policy: Defines the responsibilities regarding corporate acquisitions and defines the minimum requirements that the information security group must complete for an acquisition assessment.

2)

A reasonable outline might include the following: (I) Potential damage from security breaches resulting from phishing; (II) What phishing messages can do (a) spoof an existing friend (b) use numeric addresses (c) lead to dangerous sites (d) request logging into a counterfeit site; (III) How to recognize a phishing message (a) examples of phishing messages, (b) common threads in those messages, (c) what to do about phishing messages.

Kindly revert for any queries

Thanks.