Chapter 12: Information Security Maintenance


1.)    Search the Web for the Forum of Incident Response and Security Teams (FIRST). In your own words, what is the forum's mission?

-          FIRST is a computer security incident response organization composed of different response teams to handle any security incidents and to promote incident prevention programs.

2.)    Search the Web for two or more sites that discuss the ongoing responsibilities of the security manager. What other components of security management can be adapted for use in the security management model?

-          A security manager has many duties and responsibilities. One component of security management that can be adapted is auditing policies and external policy compliance. This would ensure that the security manager is in line with all of the policies and that they are being enforced.

Case Exercises

1.)    What area of the SP 800-100 management maintenance model addresses the actions of the content filter described here?

-          I feel that the actions in the book describe the information security governance portion of the SP 800-100. This section ensures that ongoing information security activities are providing appropriate support for the mission of the agency.

2.)    What recommendations would you give SLS for how it might select a security management maintenance model?

-          I would say to select a model that works for their business and prevents the most errors in the security of the business. They need to evaluate their business and look at where they are most vulnerable and see how they can improve and make their information secure.

Ethical Decision Making

1.)    Do you think this kind of action is unethical because Charlie knows he is leaving soon?

-          I think that Charlie asking Iris to schedule the meeting a few weeks out, knowing he will be gone, is a little unethical. At the same time, I see where Charlie was and that he didn't want to deal with anything. On the other hand, even though he was leaving, he still should have followed up with his duties since he was still employed by them.