Answer:
* Do we use hardware firewalls to protect critical servers and desktop computers?
o How often do we examine event logs and real-time displays to see if we are under attack?
o Do we use software firewalls to protect end-user computers (e.g. laptops that may spend time away from protection of the departmental hardware firewall)?
* Do we monitor the network for security exposures using auditing tools such as ISS, or Nessus?
* Do we monitor the network for unusual patterns of traffic? (E.g. a server or an end user computer suddenly begins emitting huge amounts of traffic.)
* Do we ensure that all critical business transactions take place using encrypted transmission? (E.g. SSL for Web or email transactions, SSH or VPN for remote login, encrypted file transfers)?
o How often do we examine event logs and real-time displays to see if we are under attack?
o Do we use software firewalls to protect end-user computers (e.g. laptops that may spend time away from protection of the departmental hardware firewall)?
* Do we monitor the network for security exposures using auditing tools such as ISS, or Nessus?
* Do we monitor the network for unusual patterns of traffic? (E.g. a server or an end user computer suddenly begins emitting huge amounts of traffic.)
* Do we ensure that all critical business transactions take place using encrypted transmission? (E.g. SSL for Web or email transactions, SSH or VPN for remote login, encrypted file transfers)?
Previous Question | Next Question |
Backups questions | Data Security questions |