CISSP
Actualtests.com - The Power of Knowing
Answer: C
An acceptable use policy is a document that the employee signs in which the expectations, roles
and responsibilities are outlined.
Issue -specific policies address specific security issues that management feels need more detailed
explanation and attention to make sure a comprehensive structure is built and all employees
understand how they are to comply to these security issues. - Shon Harris All-in-one CISSP
Certification Guide pg 62
QUESTION 10:
Which of the following defines the intent of a system security policy?
A. A definition of the particular settings that have been determined to provide optimum security.
B. A brief, high-level statement defining what is and is not permitted during the operation of the system.
C. A definition of those items that must be excluded on the system.
D. A listing of tools and applications that will be used to protect the system.
Answer: A
"A system-specific policy presents the management's decisions that are closer to the actual computers,
networks,
applications, and data. This type of policy can provide an approved software list, which contains a list of
applications that can be installed on individual workstations. This policy can describe how databases are to be
protected, how computers are to be locked down, and how firewall, intrusion diction systems, and scanners are
to be
employed." Pg 93 Shon Harris CISSP All-In-One Certification Exam Guide
QUESTION 11:
When developing an information security policy, what is the FIRST step that should be taken?
A. Obtain copies of mandatory regulations.
B. Gain management approval.
C. Seek acceptance from other departments.
D. Ensure policy is compliant with current working practices.
Answer: B
QUESTION 12:
Which one of the following should NOT be contained within a computer policy?
A. Definition of management expectations.
B. Responsibilities of individuals and groups for protected information.
C. Statement of senior executive support.
D. Definition of legal and regulatory controls.
评论2