Information systems and technology security incident handling. Only need help wi
ID: 3700246 • Letter: I
Question
Information systems and technology security incident handling. Only need help with number 6 i posted everything just for reference. Thank you!
Problems: Part 1. Incident Handling You are asked by the Provost to prepare a document describing what steps you would take in order to create an incident response team and prepare for hacking attacks. a vendor of cyber insurance who convincingly presented a doom and gloom scenario, the Provost and President are concerned that the University would not be able to act quickly and decisively to resolve any issues that may occur and this will affect the image of the university. In your presentation, consider detailed discussion of following: Prompted by 1. What is an information security incident? 2. What are the basic steps involved in handling an incident? 3. What points should be addressed in an Incident Response Policy. 4. Which units should have representation on the IRT and why. 5. Argue for centralization of resources in terms of campus security. 6. Research Penn State office of Information security and discuss your findingExplanation / Answer
Q6) Penn State office of Information Security:-
Online Safety and Security - Staying safe online and protecting personal and University information is an important part of being a Penn State student, faculty, or staff member. While the University has security measures in place to keep information safe, you can further protect your online privacy and data by using best practices and following some basic guidelines.
Penn Office of Information Security Practices:-
Create strong passwords - Using strong passwords is one of the most important ways to keep personal and Penn State information secure. While it might seem daunting to create a password without using easy-to-remember information, relying on a series of words and using memory techniques can help you remember even the most complex passwords.
The following guidelines can help you create strong passwords:
Keep passwords safe - Creating and using strong passwords does little to protect personal information if those passwords are not kept confidential. It might seem harmless to share passwords with those you trust (like parents and significant others), but the more people who know this information, the higher the chances of passwords falling into the wrong hands. Rather than writing down passwords to remember them, you can use a password manager to generate, store, and retrieve your passwords.
Set security questions - Don’t get locked out of your Penn State Access Account. Taking a few minutes to set your security questions will help you easily reset your password online in case you forget or lose it. If you don’t establish security questions, you’ll need to visit the Accounts Office at University Park or a campus signature station to reset your password.
Enroll in 2FA (2 Factor Authentication) - While passwords and user IDs provide one layer of protection against those looking to steal data, a security measure called 2FA can offer an additional layer of security. Because 2FA uses two methods of authentication to verify your identity, it offers more than one layer of protection against the sophisticated tactics of cyber criminals and, therefore, makes Penn State information and your online identity less vulnerable to theft. Two-factor authentication (2FA) is one of the best ways to protect against stolen passwords, phishing scams, and other attempts to take over your online accounts and steal your data.
Keep software up to date - As developers make improvements to operating systems and software products, they send these upgrades to computers in the form of quick one-time installations. Sometimes these updates are user interface or design enhancements, but often they are important bug fixes or security patches to address potential vulnerabilities, malware, and more. Many threats work by exploiting known vulnerabilities for which security patches are available, so computers that don’t have all current updates applied are left susceptible to these types of threats. To help guard your computer and data, be sure to accept patches and updates from trusted sources as they become available. Though it’s possible (and sometimes necessary) to manually check for updates and patches, signing up for automatic updates and notifications is an easy way to stay up to date.
Avoid malware and phishing scams -
Malware spreads rapidly and by many different channels—for example, via email attachments, infected document files, websites that contain hostile code, and unprotected fileshares.
Modern antivirus software helps protect against the malware, spyware, viruses, and other invasive methods data thieves use to infiltrate computers and networks. Because cyber criminals are always finding new ways to break into systems, it’s critical to keep antivirus software current on personal and University-owned computers.
Phishing scams - The goal of a phishing scam is to steal personal data like credit card numbers, passwords, Social Security numbers, and other information. These fraudulent emails appear to come from organizations you know and trust—like your bank, credit card company, or school—and often include authentic-looking logos and links. Phishing emails will ask you to provide your bank account information, Social Security number, or other personal information. If you think you've received a phishing email, do not respond to it.
On occasion, phishing scams are directed at Penn State students, faculty, and staff. Fraudulent emails appearing to come from official University offices invite readers to click on a link or share private information. The best way to find out if you've received a fraudulent email is to submit the possible phishing message to the Office of Information Security. In the case of a compromised account or an incident involving sensitive information, email security@psu.edu.
Back up your data - In addition to protecting your computer against such security threats as malware and phishing scams, it’s also important to protect your data by making electronic copies of important files. Computer malfunctions, theft, viruses, and accidental deletion are just some of the ways you can lose academic work, photos, financial records, and other valuable information.
Choose your backup methods - After you make copies, you need to find a place to store them. Ideally, you should back up your files and data in more than one place. Here are some options: HARDWARE / ONLINE STORAGE (CLOUDS).?
Secure your mobile devices - Smartphones and tablets are targets for criminals looking to steal your personal data. Because of this, it’s important to keep your mobile devices protected by always enabling home screen passwords and locks. These passwords can protect data on your devices if they are ever misplaced or stolen.
Additional tips for mobile security are:-
Please let me know in case of any clarifications required. Thanks!