Appendix: Self Test

Chapter 2: Domain 1: Security and Risk Management

1. Which of the following would be an example of a policy statement?
A. Protect PII by hardening servers
B. Harden Windows 7 by first installing the pre-hardened OS image
C. You may create a strong password by choosing the first letter of each word in a sentence and mixing in numbers and symbols
D. Download the CISecurity Windows benchmark and apply it
Correct Answer and Explanation: A. Answer A is correct; policy is high level and avoids technology specifics.
Incorrect Answers and Explanations: B, C, and D. Answers B, C, and D are incorrect. B is a procedural statement. C is a guideline. D is a baseline.
2. Which of the following describes the money saved by implementing a ...

Get CISSP Study Guide, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.