Appendix: Self-Test

Chapter 2: Domain 1: Security and Risk Management

  1. Which of the following would be an example of a policy statement?
    A. Protect PII by hardening servers
    B. Harden Windows 11 by first installing the pre-hardened OS image
    C. You may create a strong password by choosing the first letter of each word in a sentence and mixing in numbers and symbols
    D. Download the CISecurity Windows benchmark and apply it

Correct Answer and Explanation: A. Answer A is correct; policy is high level and avoids technology specifics.

Incorrect Answers and Explanations: B, C, and D. Answers B, C, and D are incorrect. B is a procedural statement. C is a guideline. D is a baseline.

  2. Which of the following describes the money saved by implementing a ...
