Page 678 - StudyBook.pdf
P. 678
662 Chapter 11 • Operational and Organizational Security: Incident Response
Exam Objectives
Frequently Asked Questions
The following Frequently Asked Questions, answered by the authors of this
book, are designed to both measure your understanding of the Exam Objectives
presented in this chapter, and to assist you with real-life implementation of
these concepts.
Q: I work for a small company, and we do not have the facilities for a dedicated
server room. Is there any way that I can protect servers and other critical com-
ponents of the network?
A: Servers and other critical components can be protected by storing them in a
locked closet, rack, or cabinet. By locking the equipment up, you ensure that
employees and visitors to a site will not be able to access the equipment inside
without authorization.
Q: I’m concerned about air quality in the server room, resulting from the level of
cleanliness in the room. Should I allow the night cleaners to access the server
room and clean it every evening?
A: No.There are too many vital components in a server room that could be dam-
aged.You would not want network cables knocked out by a broom, or water
from a mop getting slopped onto server components.This would also give the
cleaning company employees an opportunity to deliberately steal data or sabo-
tage the systems.A favorite ploy of corporate espionage artists is to pose as jani-
torial staff because cleaning people are often given open access to everything,
and are almost “invisible” to company personnel.Any number of problems can
result by having people other than IT staff gaining access to the server room.A
better option would be to clean the server room yourself or assign the task to a
trusted subordinate.
Q: My company is planning to assign someone the duty of performing forensic
investigations for internal violations of policies, and to work with the Incident
Response Team when incidents occur.What qualifications should this person
have?
www.syngress.com
