A security policy would include all of the following EXCEPT
A. Background
B. Scope statement
C. Audit requirements
D. Enforcement
5 Comments on “A security policy would include all of the following EXCEPT”
dresays:
Wait, what? Why wouldn’t a security policy include a scope?
0
0
craigsays:
it should be C
0
0
craigsays:
Answer may be right. Or enforcement instead
0
0
nobodysays:
The security policy is an overview or generalization of
an organization’s security needs. It defines the main security objectives and outlines the
security framework of an organization. It also identifies the major functional areas of data
processing and clarifies and defines all relevant terminology. It should clearly define why
security is important and what assets are valuable. It is a strategic plan for implementing
security. It should broadly outline the security goals and practices that should be
employed to protect the organization’s vital interests. The document discusses the
importance of security to every aspect of daily business operation and the importance of
the support of the senior staff for the implementation of security. The security policy is
used to assign responsibilities, define roles, specify audit requirements, outline
enforcement processes, indicate compliance requirements, and define acceptable risk
levels. This document is often used as the proof that senior management has exercised
due care in protecting itself against intrusion, attack, and disaster. Security policies are
compulsory.
1
0
nobodysays:
Based on the above… Enforcement and audit requirement seems correct too. Scope statement is also correct… Crap questions.
Wait, what? Why wouldn’t a security policy include a scope?
0
0
it should be C
0
0
Answer may be right. Or enforcement instead
0
0
The security policy is an overview or generalization of
an organization’s security needs. It defines the main security objectives and outlines the
security framework of an organization. It also identifies the major functional areas of data
processing and clarifies and defines all relevant terminology. It should clearly define why
security is important and what assets are valuable. It is a strategic plan for implementing
security. It should broadly outline the security goals and practices that should be
employed to protect the organization’s vital interests. The document discusses the
importance of security to every aspect of daily business operation and the importance of
the support of the senior staff for the implementation of security. The security policy is
used to assign responsibilities, define roles, specify audit requirements, outline
enforcement processes, indicate compliance requirements, and define acceptable risk
levels. This document is often used as the proof that senior management has exercised
due care in protecting itself against intrusion, attack, and disaster. Security policies are
compulsory.
1
0
Based on the above… Enforcement and audit requirement seems correct too. Scope statement is also correct… Crap questions.
I will choose “A” – Background…
2
0