Generic questions
1. What is the company’s network topology, and are critical servers segmented from user devices to prevent unauthorized access?
2. What operating systems run on servers and user devices, and are they fully patched to address known vulnerabilities?
3. How is network traffic monitored, and are intrusion detection systems (IDS) or intrusion prevention systems (IPS) in use?
4. What specific cyber threats (e.g., malware, suspicious logins) have been detected recently, and how were they identified?
5. What user access control policies are in place, such as multi-factor authentication (MFA) or role-based access control (RBAC)?
6. How are user accounts managed, and is there a process to deactivate accounts of former employees promptly?
7. What remote access methods are used (e.g., VPN, RDP), and are they secured with endpoint checks and encryption?
8. Are there sufficient remote access licenses or resources to support the company’s current or planned workforce?
9. What firewall configurations are in use, and do they include real-time monitoring or updated rules to block threats?
10. Are data on servers encrypted, and what backup procedures ensure recovery from data loss?
11. What anti-malware or endpoint protection software is deployed on servers and user devices?
12. What employee training programs exist to prevent phishing or social engineering attacks, and how often are they updated?
13. Are there physical security measures (e.g., locks, CCTV) protecting server rooms or network infrastructure?
14. What incident response plan is in place to handle cyber threats, and how was it applied during recent incidents?
15. How is compliance with data protection laws like GDPR ensured, particularly for customer or personal data?
16. Are wireless access points used, and are they secured with WPA3 or isolated guest networks?
17. What network protocols are permitted, and are outdated ones (e.g., SMBv1) disabled to reduce risks?
18. How is patch management handled for servers, devices, and software, and were unpatched vulnerabilities linked to threats?
19. Are regular security audits or penetration tests conducted, and what were the findings of the last audit?
20. What logging mechanisms (e.g., Windows Event Logs, Syslogs) are monitored to detect unauthorized access?
21. Are any cloud services or virtualized environments used, and how are they secured against threats?
22. What hardware (e.g., PCs, laptops, servers) is in use, and is it compatible with modern security software?
23. How are peripheral services (e.g., print services) secured to prevent unauthorized access to sensitive data?
24. What steps have been taken to address recent cyber threats, and are temporary measures in place?
25. What security measures are planned to support future growth or changes, such as increased staff or new locations?