CyberInsurance Questionnaire Which protocols are used to authenticate the sender and content of emails?(Required)Select an answerSPFDKIMDMARCSPF & DKIMNoneHow is Remote Desktop Protocol protected in your network?(Required)Select an answerRDP is offRDP is only used internallyRDP requires MFARDP Gateway in placeNone of the aboveWhich Office 365 security add-ons are utilized by your organization?(Required)Select an answer365 Not used365 ATP enabled365 MFA enabled365 ATP & MFA enabledOther security solutionWhat EDR solution is used by your organization?(Required)Select an answerCarbonBlackCrowdstrikeCylanceCyber-reasonSentinelOneCheckpoint SandblastCisco AMPCynetF-SecureSophos InterceptMicrosoft Defender ATP (E5 license)Another EDRBasic Antivirus (i.e. Webroot/eset/Malwarebytes)No EDR or AVHow often are Vulnerability/Penetration Tests done?(Required)Select an answerAnnualQuarterlyMonthlyNeverHow often is anti-phishing training conducted for your employees?(Required)Select an answerAnnualQuarterlyMonthlyNeverWhat is the extent of unsupported systems and applications in your network?(Required)Select an answerNo unsupported computers/applicationsLess than 1% of organizationLess than 3% of organizationGreater than 3% of organizationHow is your Managed Service Providers (MSP) access to the network controlled?(Required)Select an answerNo MSPMFA requiredApplication WhitelistingSecurity Assessment of MSPSeveral Security controls including aboveNone of the aboveDescribe your VPN Setup, or any remote/terminal computer environments?(Required)Select an answerMFA required to VPNRDS gateway with MFAVPN without MFARDS gateway without MFANo VPN or Remote access to environmentWhat best describes your organizations patch management procedure?(Required)Select an answerWe don't patchWe patch when there is something criticalWe have a quarantine, evaluation and patching procedureAll patches are automated to install once releasedWhat's the extent of your security events monitoring and logging?(Required)Select an answerNo monitoring / loggingIn house security teamMSSP (managed security service provider)In house fully managed SOCIn house SOC with SIEM/SOAR/UBAHow often are the applicant's critical systems and data files backed up?(Required)Select an answerContinuousMultiple times a dayDailyWeeklyMonthlyNo backupsWhat best describes your back-up storage?(Required)Select an answerFull system backup - local and cloud replicatedull system backup locallyFull system backup in the cloudFile system backup local/cloudN/AHow often is the companies network fail-over and recovery procedure tested?(Required)Select an answerMonthlyQuarterlyAnnuallyN/AWhat is your password length/complexity/lockout Group policy?(Required)Select an answerComplex passwords requiredPasswords over 8 charactersLockout policy in placeNone of the aboveHow many days are passwords good for in your organization?(Required)Select an answerLess than 45 daysLess than 120 daysForeverDo you have a MDM (mobile device management) solution for phones that access corporate information?(Required)Select an answerYesNoDo you have encryption on device hard drives (bitlocker)?(Required)Select an answerYesNoHiddenTotal ScoreHiddenFind out more about your scoreEmail CommentsThis field is for validation purposes and should be left unchanged.