Please enable JavaScript.
Coggle requires JavaScript to display documents.
2.0 SECURITY POLICIES AND PROCEDURES, SECURITY POLICY REQUIREMENTS, 8…
2.0 SECURITY POLICIES AND PROCEDURES
security policy is a document or series of documents that clearly defines the defence mechanisms an organization will employ in order to keep information secure
it is written document that states how an organization plans to protect the company's information technology assets
for an example, a security policy for an operating system may outline which security settings must be turned on and how they are to be configured
SECURITY POLICY REQUIREMENTS
1.identification and authentication
waivers
audit
access control
network connectivity
malicious code
encryption
7.appendices
8 PASSWORD REQUIREMENTS
1) minimum length -8 characters
8) store password using reversible encryption
3) minimum complexity- no dictionary words included
2) maximum length - 14 characters
4) passwords are case sensitive but username is not case sensitive
5) unique password - should not less than 24
6) maximum age -60 days
7) minimum password age - 2days
SECURITY PROCEDURES
1) user management procedures
2) system administration procedure
3) incident response procedure
4) configuration management procedure
CRYPTOGRAPHIC TERMINOLOGIES
1) encryption
2) cipher text
3) decryption
4) cryptanalysis
COMMON COMMUNICATION ENCRYPTION TYPES
a) symmetric encryption
b) asymmetric encryption
c) hash encoding