CS6803 Week 13

Network Security and Information Security Audits (word count 250)
Which of the following would be part of an bi-annual corporate audit (see list below). What type of security polices and information would be included? 

a)A review of background investigation materials for randomly selected security personnel.
b)An discussion with a small number of randomly selected employees about how they handle passwords.
c)Reviews of all firewall logs since the last security audit. 
d)A search of random employee Personal Computers for Peer to Peer(P2P) software used for illegally sharing music and corresponding music files (assume this is against corporate policy).
e)An discussion with the division CIO about the performance review processes used for the security staff(see attachment).