SECURITY BASICS AND IT PROFESSIONAL (SECURITY POLICIES)

To block all incoming network traffic

To ensure 100% system uptime

To define guidelines and procedures for protecting assets and information

To minimize software updates and patches

Providing unlimited access to sensitive data

Regularly updating the policy without communication

Enforcing strong password requirements

Allowing employees to share their login credentials

To confuse employees with changing rules

To ensure that employees are aware of security practices and updates

To comply with regulations only

To increase the complexity of the policy

Allowing every employee access to all resources

Providing unlimited privileges to top-level executives

Restricting access to the security policy itself

Granting individuals only the access they need to perform their duties

To outline step-by-step guidelines for implementing security measures

To create unnecessary bureaucratic processes

To define strategic business goals

To increase network speed

To maintain a static and unchanging security posture

To confuse employees with frequent changes

To minimize communication with employees

To adapt to evolving security threats and technologies

It suggests giving users unlimited access to all files and folders

It requires encrypting all files and folders regardless of sensitivity

It advocates granting individuals the minimum permissions necessary to perform their job functions

It encourages users to set their own permissions

Modify and delete files

View the contents of a file

Change file ownership

Execute executable files

To secure communication between two parties using a shared key

To generate hash values for data integrity

To authenticate users in a network

To create digital signatures

To encrypt data for secure transmission

To decrypt data for secure storage

To validate the authenticity of digital signatures

To generate random session keys