Home > Articles

This chapter is from the book

This chapter is from the book

Developing Cybersecurity Programs and Policies in an AI-Driven World, 4th EditionDeveloping Cybersecurity Programs and Policies in an AI-Driven World, 4th Edition

Learn More Buy

This chapter is from the book

This chapter is from the book

Developing Cybersecurity Programs and Policies in an AI-Driven World, 4th EditionDeveloping Cybersecurity Programs and Policies in an AI-Driven World, 4th Edition

Learn More Buy

Exercises

EXERCISE 2.1: Creating Standards, Guidelines, and Procedures

The University System has a policy that states, “All students must comply with their campus attendance standard.”

  1. You are tasked with developing a standard that documents the mandatory requirements (for example, how many classes can be missed without penalty). Include at least four requirements.

  2. Create a guideline to help students adhere to the standard you created.

  3. Create a procedure for requesting exemptions to the policy.

EXERCISE 2.2: Writing Policy Statements

  1. Who would be the target audience for a policy related to campus elections?

  2. Keeping in mind the target audience, compose a policy statement related to campus elections.

  3. Compose an enforcement clause.

EXERCISE 2.3: Writing a Policy Introduction

  1. Write an introduction to the policy you created in Exercise 2.2.

  2. Generally an introduction is signed by an authority. Who would be the appropriate party to sign the introduction?

  3. Write an exception clause.

EXERCISE 2.4: Writing Policy Definitions

  1. The purpose of policy definitions is to clarify ambiguous terms. If you were writing a policy for an on-campus student audience, what criteria would you use to determine which terms should have definitions?

  2. What are some examples of terms you would define?

EXERCISE 2.5: Understanding Baselines

The goal of this exercise is to understand what baselines are, why they are important, and the different types of baselines.

  1. Read articles or watch tutorials on the importance of baselines in IT security.

  2. Reflect on how baselines can contribute to uniformity and security in various IT environments.

  3. Explore different tools and methodologies for baseline management across platforms such as Windows, Linux, and network devices.

  4. Create a detailed security baseline for a chosen IT environment. Choose an IT environment that you are familiar with or interested in, such as Windows desktops, Linux servers, or network routers.

  5. Document the standard configurations for the system.

  6. Define appropriate security policies including password policies and security protocols. List approved software and version numbers. Outline procedures for regular updates and patches.

  7. Compare your baseline with existing standards or best practices found in your research to evaluate its completeness and robustness.

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.