PrepAway - Latest Free Exam Questions & Answers

Which choice below MOST accurately describes the organization’s responsibilities during an unfriendly te

Which choice below MOST accurately describes the organization’s responsibilities during an
unfriendly termination?

PrepAway - Latest Free Exam Questions & Answers

A.
The employee should be given time to remove whatever files he needs from the network.

B.
Cryptographic keys can remain the employee’s property.

C.
System access should be removed as quickly as possible after termination.

D.
Physical removal from the offices would never be necessary.

Explanation:
Friendly terminations should be accomplished by implementing a standard set of procedures for
outgoing or transferring employees. This normally includes: Removal of access privileges, computer
accounts, authentication tokens. The control of keys. The briefing on the continuing responsibilities
for confidentiality and privacy. Return of property. Continued availability of data. In both the manual
and the electronic worlds this may involve documenting procedures or filing schemes, such as how
documents are stored on the hard disk, and how they are backed up. Employees should be
instructed whether or not to clean up their PC before leaving. If cryptography is used to protect data,
the availability of cryptographic keys to management personnel must be ensured. Given the
potential for adverse consequences during an unfriendly termination, organizations should do the
following: System access should be terminated as quickly as possible when an employee is leaving a
position under less-than-friendly terms. If employees are to be fired, system access should be
removed at the same time (or just before) the employees are notified of their dismissal. When an
employee notifies an organization of the resignation and it can be reasonably expected that it is on
unfriendly terms, system access should be immediately terminated. During the notice of termination
period, it may be necessary to assign the individual to a restricted area and function. This may be
particularly true for employees capable of changing programs or modifying the system or
applications. In some cases, physical removal from the offices may be necessary. Source: NIST
Special Publication 800-14 Generally Accepted Principles and Practices for Securing Information
Technology Systems.


Leave a Reply