9.10. Answers to Review Questions

  1. A. All aspects of security in the organization are included in the security management policy, including the policies in options B, C, and D.

  2. B. The information classification policy discusses information sensitivity and access to information.

  3. B. The configuration management policy is concerned with how systems are configured and what software can be installed on systems.

  4. A. Change documentation involves keeping records about how your network or organization changes over time.

  5. B. Enforcement of policies, procedures, and standards is essential for effective sustainability of security efforts. The saying "Inspect what you expect" is relevant in this situation.

  6. A. The term best practices refers to the essential elements ...

Get CompTIA Security+™: Study Guide, Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial