IT Examiner School

Examiner: What level of encryption are you using? NA Fossil: Let’s see, it shows here 156-bit.

Examiner: When was the last time the router/concentrator was updated? NA Fossil: Ah, updated with what?

Examiner: The encryption strength has improved over the years and 256-bit encryption should be used since 156-bit is exponentially easier to decipher. Is data being transmitted across the Internet? NA Fossil: Yes.

Examiner: What is it that you log? NA Fossil: Well, we are logging actions on the domain controller.

Examiner: Anything else? NA Fossil: No. Doesn’t that capture everything going on in the network?

Examiner: Have you changed the log settings since installing the network operating system? NA Fossil: No, I think the MSSP is handling that function.

Examiner: What product do you use for the anti-virus/spyware/malware? NA Fossil: It is an integrated suite that has all of those that we purchased from Trend Micro. It automatically updates.

Examiner: I see that you have an IDS within the network. Who updates the signatures? NA Fossil: Intelligent, Inc. makes sure the signatures are up-to-date via remote access.

Examiner: I noticed your vulnerability and penetration testing was done on a Monday. When? NA Fossil: It was done after hours.

Examiner: I thought on page 6 of the audit scope it started 5:30 Eastern. NA Fossil: Let’s see. Oh, you’re right. So that would be…

Examiner: …3:30 local time. And Intelligent, Inc., who monitors your IDS, did not notify you that day? NA Fossil: I never got a call.

Examiner: The last exam noted you needed to restrict access to the operations room. I saw that on our walkthrough you have a keypad on the door now. When was the last time the combination was changed and who has the combination? NA Fossil: It was changed last month as policy mandates. Only those that need access to the Ops room have the combination – not even the CEO has the combination.