(258) Which one of the
following is an important characteristic of an information security policy?
A. Identifies major functional
areas of information.
B. Quantifies the effect of the
loss of the information.
C. Requires the identification of
information owners.
D. Lists applications that
support the business function.
Correct Answer: A
Explanation/Reference:
Information
security policies area high-level plans that describe the goals of the
procedures. Policies are not guidelines or
standards, nor are they procedures or controls. Policies describe security in
general terms, not specifics. They
provide the blueprints for an overall security program just as a specification
defines your next product -
Roberta Bragg CISSP Certification Training Guide (que) pg 206
- Muhammad Idham Azhari
No comments:
Post a Comment