Exam Objectives Frequently Asked Questions

The following Frequently Asked Questions, answered by the authors of this book, are designed both to measure your understanding of the Exam Objectives presented in this chapter and to assist you with real-life implementation of these concepts.

Q.  I have identified various risks, analyzed them, and implemented controls and strategies to deal with them. Now that I am done, why should I not forget about the risk and focus on dealing with other risks?

A.  Because the controls and strategies you have implemented may fail. You need to monitor the risks you have dealt with to determine whether the controls and strategies are working, and then revise strategies and repair or replace controls that have been implemented.

Q.  Some of the assets in my organization are old and have no market value. They have depreciated on paper to the point where they are considered worthless. Despite this, my company heavily relies on them. How can I place a value on these assets?

A.  Asset valuation can also be determined by importance. By rating them on a scale of 1 to 10, with 10 being the most important, you are setting a value on them that does not rely on monetary figures.

Q.  My company has recently installed a new T1 line that provides Internet access to employee workstations. I have heard about some companies having problems with their employees surfing the Web for pornography or playing online games on company machines. How can I let users know that the company will not tolerate this kind of behavior?

A.  Implement an acceptable use policy that outlines the company's expectations of how corporate equipment and technologies are to be used, and what is considered to be unacceptable behavior. Have existing employees read and sign copies of the policy to acknowledge their compliance with it. Have new employees sign copies of the policy as a condition of their employment.

Q.  My company is planning to assign someone the duty of performing forensic investigations for internal violations of policies, and to work with the incident response team when incidents occur. What qualifications should this person have?

A.  A person conducting computer forensic investigations and examinations should have expert computer skills, including an understanding of hardware, network technologies, programming skills, and an understanding of forensic procedures. It is also a good idea for the forensics investigator to have a good knowledge of applicable local, state, and federal laws regarding computer crimes and rules of evidence.

Q.  How should I prepare evidence to be transported in a forensic investigation?

A.  Before transporting evidence, you should ensure that it is protected from risks of being damaged. Hard disks and other components should be packed in antistatic bags, and other components should be packaged to reduce the risk of damage from being jostled. All evidence should be sealed in a bag and/or tagged to identify it as a particular piece of evidence, and information about the evidence should be included in an evidence log.



SSCP Systems Security Certified Practitioner Study Guide
SSCP Study Guide and DVD Training System
ISBN: 1931836809
EAN: 2147483647
Year: 2003
Pages: 135
