O'Reilly logo

Wiley CIAexcel Exam Review 2014 Focus Notes: Part 3, Internal Audit Knowledge Elements by S. Rao Vallabhaneni

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Mistake #3: Exposing passwords to others, such as logging in from a public computer, keeping a note with passwords written on it where it can be found or sharing passwords with others.
Remedy #3: Avoid the use of public computers and public access networks, if possible. If there is a need to use them, do not send or receive private, sensitive, or confidential information, and change the password afterward. Store passwords in an encrypted file or password manager and avoid sharing passwords.
  • Install software patches, updates, and hot fixes in a timely manner to close security holes and potential vulnerabilities. The goal is to implement a robust software patch management process which is important in reducing vulnerabilities in an information system. As patches greatly impact the secure configuration of an information system, the patch management process should be integrated into configuration management at a number of points, as follows.
    • Perform security impact analysis of patches
    • Test and approve patches as part of the configuration change control process
    • Update baseline configurations to include current patch level
    • Assess patches to ensure they were implemented properly
    • Monitor systems/components for current patch status
  • Understand zero-day exploits and zero-day incidents (attacks). Zero-day exploits (i.e., actual code that can use a security vulnerability to carry out an attack) are used or shared by attackers before the software vendor fixes those exploits. A zero-day ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required