(256) All of the
following are basic components of a security policy EXCEPT the
A. definition of the issue and
statement of relevant terms.
B. statement of roles and
responsibilities
C. statement of applicability and
compliance requirements.
D. statement of performance of
characteristics and requirements.
Correct Answer: D
Explanation/Reference:
Policies
are considered the first and highest level of documentation, from which the
lower level elements of standards,
procedures, and guidelines flow. This order, however, does not mean that
policies are more important than
the lower elements. These higher- level policies, which are the more general
policies and statements,
should be created first in the process for strategic reasons, and then the more
tactical elements can follow.
-Ronald Krutz
The CISSP PREP Guide (gold edition) pg 13
- Muhammad Idham Azhari
No comments:
Post a Comment