Do you implement tools and policy to periodically scan for unidentified wireless access points connected to the network?
Userids are removed or locked when no longer required.
Only authorized devices are allowed to connect to the organization’s network:
The organization ensures that every user or process (acting on behalf of the user) has access authorization to information systems based on his/her role and need to know.
This question is locked on demo account
Do applications used to remotely access the system support ‘s data, use approved encryption methods?
Are the systems supporting ‘s data configured to limit the number of unsuccessful logon attempts?
Does the organization allow wireless access to the network hosting ‘s information?
Does the company allow remote access to the to the network hosting ‘s information?
Do you allow remote access to system support ‘s data?