Chapter Eleven

Max Werdin

Exercises:

1.      Using the Web, identify some certifications with an information security component that were not discussed in this chapter. Some of the certs that were not listed in this chapter were NetScreenMicrosoft Certified Professional (MCP),Microsoft Certified Systems Engineer (MCSE),Microsoft Certified Professional Internet (MCP+I),Microsoft Certified Systems Administrator (MCSA,)Microsoft Certified Professional Security Personnel and IS MaintenanceSite Building (MCP+SB),Microsoft Certified Solutions Developer (MCSD),Microsoft Certified Database Administrator (MCDBA),Microsoft Certified Application Developer (MCAD),Microsoft Certified Trainer (MCT),Microsoft Office User Specialist (MOUS).

2.         Search the Web for three different employee-hiring and termination policies. Review each and look carefully for inconsistencies. Do each of the policies have sections that address information security requirements? What clauses should a termination policy contain to prevent disclosure of an organizationís information? Create your own version of either a hiring policy or a termination policy. Of the three hiring/termination policies I reviewed, none of them had any information pertaining to information security requirements. All of the them included information about benefits, payment information, and other corporate policy information. The policies always included information about an exit interview. A termination policy should include statements about taking and revealing corporate information that they have learned or have been privileged to while they were employed. It should also include statements concerning deleting or altering company information for malicious purposes. All the statements should clearly define the consequences and lengths to which the company is willing to ensure that the company is protected.



 

Case Exercises:

The questions I would ask Charlie if I were in her position would be pertaining to the responsibilities within the position, compensation changes, location, what prior experience one should have before entering this position and whether I could move back into my current position should I decide that the security position isnít the best fit.

I would talk to Kelvin about whether he thought I would be a good fit for the team, what he expects from one in that position, and how long the position is expected to be available.

Ethical Decision Making:

I would have to say that this is a judgement call for both of them. Being it isnít against company policy and they are not married, I would expect that the company wouldnít have an issue with it. It also really depends on how serious they are together.