Multiple Choice
Which of the following is true about information security policy?
A) It should be written after a company has encountered an incident
B) It may conflict with the law
C) End users should not be involved in the creation of the policy
D) It must be able to stand up in court, if challenged
Correct Answer:
Verified
Correct Answer:
Verified
Q95: Which of the following is NOT a
Q96: Unless a policy actually reaches the end
Q97: A(n)<u>enterprise information</u> security policy is a type
Q98: A standard is built from a _.<br>A)
Q99: A disadvantage of creating a single comprehensive
Q101: According to Charles Cresson Wood "policies are
Q102: The _ component of an EISP defines
Q103: To ensure <u>due diligence</u> an organization must
Q104: An individual approach to creating the ISSPs
Q105: In some organizations,that which is not permitted