Security Policy Checklist synonyms
A person appointed by the court to manage a part or all of the assets and liabilities of an intestate or of a testator who has no executor. In many states, the person can be a man or a woman, but in the others, the term refers to a male, while a female who is appointed to perform these duties is called an administratrix. See also administrator ad litem and ancillary administrator.
A checklist developed by security experts using questions dealing with a number of security issues. But before detailing the questions (which is not a complete listing), this overriding question needs to be answered by organizations having security policy checklists: Are all of the items on the checklist distributed to all employees and fully understood? Take, for example, the following items:
• Administrator rights and responsibilities: Under what conditions may a system administrator examine an employee’s account or his or her email, and what parts of the system should the system administrator not examine (for example, Netscape bookmarks)? Can the system administrator monitor network traffic, and if so, what boundaries exist?
• Backups: What systems are backed up, and how often? How are backups secured and verified?
• Connections to and from the Internet: What computers should be seen from the outside? If computers are outside the firewall (bastion hosts), how securely are they separated from computers on the inside? Are connections from the Internet to the internal network allowed and, if so, how are they authenticated and encrypted? What traffic is allowed to go outside the internal network? If there is traffic across the Internet, how is it secured, and what protection is in place against worms, viruses, or hostile Java applets?
• Dial-up connections: Are dial-up connections allowed, and if so, how are they authenticated and what access level to the internal network do dial-up connections provide? How are modems distributed in this company, and can employees set up modem connections to their home or desktop computers?
• Documentation: Does a map of the network topology exist, and is it clearly stated where each computer fits on that map? Is there an inventory of all hardware and software, and does a document exist detailing the preferred security configuration of every system?
• Emergency procedures: What kinds of procedures exist for installing security patches or handling exploits? In cases of system intrusion, is it company policy to shut down the network immediately, or does the company prefer to monitor the intruder for a while? How and when are employees notified of exploits, and at what stage and at what time are law enforcement agencies called in?
• Logs: What information is logged, and how and where? Are the information logs secure from tampering, and if so, are they regularly examined, and, if so, by whom?
• Physical security: Are systems physically protected from outsider crackers and adequately secured, where needed, from insider crackers? Are reusable passwords used internally or externally, and are employees told through company policy to change their passwords routinely?
• Sensitive information: How is sensitive and proprietary information protected online, and how are backup tapes protected?
• User rights and responsibilities: How much freedom do employees have in terms of selecting their own operating system, software, and games for their computers, and can employees in our company send and receive personal email or do personal work on company computers? What policies exist regarding resource consumption (for example, disk or CPU quotas) and abuse (accidental or intentional) of services? What penalties exist, for example, if an employee brings down a server?
Queeg Company. Security Policy Checklist. [Online, October 6, 1997.] Queeg Company Website. http://queeg.com/~brion/security/secpolicy.html.
To protect (a computer or computer network) by means of a firewall.
Find another word for security policy checklist. In this page you can discover 7 synonyms, antonyms, idiomatic expressions, and related words for security policy checklist, like: administrator, electronic mail or email, firewall, internet, logs, modem and password.