Deck 17: Human Resources Security

Security awareness,training,and education programs may be needed to
comply with regulations and contractual obligations.

The education and experience learning level provides the foundation
for subsequent training by providing a universal baseline of key security terms and concepts.

Complying with regulations and contractual obligations is a benefit of
security awareness,training,and education programs.

Employee behavior is not a critical concern in ensuring the security of
computer systems.

Awareness is used to explain the rules of behavior for using an
agency's information systems and information and establishes a level of expectation on the acceptable use of the information and information systems.

Programmers,developers,and system maintainers require less
advanced security training than other employees.

Having all of the security functions and audit responsibilities reside in
the same person is a wise decision on the part of the organization.

Security education is most often taught by outside sources.

Many companies incorporate specific e-mail and Internet use policies
into the organization's security policy document.

As part of their contractual obligation,employees should agree and
sign the terms and conditions of their employment contract,which should state their and the organization's responsibilities for information security.

Security basics and literacy is required for those employees,including
contractor employees,who are involved in any way with IT systems.

An employer cannot be held liable for negligent hiring if an
employee causes harm to a third party while acting as an employee.

Awareness only communicates information security policies and
procedures that need to be followed and does not provide the foundation for any sanctions or disciplinary actions imposed for noncompliance.

Employees cannot be expected to follow policies and procedures of
which they are unaware.

A _______ is a characteristic of a piece of technology that can be exploited to perpetrate a security incident.

Any action that threatens one or more of the classic security services of confidentiality,integrity,availability,accountability,authenticity,and reliability in a system constitutes a(n)________.

The principles that should be followed for personnel security are: limited reliance on key employees,separation of duties,and _______.

The four layers of the learning continuum as summarized by NIST SP 800-16 are: security awareness,security basics and literacy,roles and responsibilities relative to IT systems,and the _________ level.

In large and medium-sized organizations,a _________ is responsible for rapidly detecting incidents,minimizing loss and destruction,mitigating the weaknesses that were exploited,and restoring computing services.

The principal problems associated with employee behavior are errors and omissions,_______,and actions by disgruntled employees.

In general,a ________ program seeks to inform and focus an employee's attention on issues related to security within the organization.

After security basics and literacy,training becomes focused on providing the knowledge,skills,and abilities specific to an individual's _______ relative to IT systems.

________ lists the following security objective with respect to current employees: to ensure that employees,contractors,and third-party users are aware of information security threats and concerns and their responsibilities and liabilities with regard to information security and are equipped to support organizational security policy in the course of their normal work and to reduce the risk of human error.

There is a need for a continuum of learning programs that starts with _______,builds to training,and evolves into education.

Employees have no expectation of ______ in their use of company-provided e-mail or Internet access,even if the communication is personal in nature.

The group of users,sites,networks,or organizations served by the CSIRT is a _______.

The goal of the _______ function is to ensure that all information destined for the incident handling service is channeled through a single focal point regardless of the method by which it arrives for appropriate redistribution and handling within the service.

Network and host __________ monitor and analyze network and host activity and usually compare this information with a collection of attack signatures to identify potential security incidents.

A(n)________ is any file or object found on a system that might be involved in probing or attacking systems and networks or that is being used to defeat security measures.