Chapter 9: Security Auditing

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Formal Audits

Most often conducted to satisfy specific industry standards that are required by law for certain types of organizations.

Security Audit

Refers to the procedures by which all of an environment's security controls and systems are thoroughly reviewed to identify and report weaknesses within an organization.

Audit scope

The area or system on which the security audit will focus.

Internal Security Controls

The systematic measures and checks put into place to ensure that networks remain sound and secure.

Informal Audits

Conducted as a way to provide organizations evidence that their security policies and practices are effective and working properly.

Internal Audits

Conducted using a committee of individuals who are employees of the company itself.

External Audits

Conducted using a third-party group or a number of individuals from a source outside the organization itself.

Automated Audits

Conducted using tools that are either installed onto a machine or embedded within an application for the purpose of recording the typical behavior of a system.


Ensembles d'études connexes

Diverticulosis and Diverticulitis

View Set

Mastering A & P Bone tissue, histology and muscle tissue

View Set

MS: Infectious disease 27; Skills/procedures 22; Safety/infection ctrl 11 ; Basic care & comfort/pain mgt 7

View Set