Self test

Chapter 2 Domain 1: information security governance and risk management

1. Which of the following would be an example of a policy statement?

A. Protect PII by hardening servers

B. Harden Windows 7 by first installing the prehardened OS image

C. You may create a strong password by choosing the first letter of each word in a sentence and mixing in numbers and symbols

D. Download the CISecurity Windows benchmark and apply it

Correct Answer and Explanation: A. Answer A is correct; policy is high level and avoids technology specifics.

Incorrect Answers and Explanations: B, C, and D. Answers B, C, and D are incorrect. B is a procedural statement. C is a guideline. D is a baseline.

2. Which of the following describes the money saved ...

Get CISSP Study Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.