Questions and Answers
What is the main purpose of a security policy?
What type of action does an 'Advisory' security policy indicate?
In the context of a security policy, what does the term 'Baseline' refer to?
What distinguishes 'Regulatory' security policies from 'Advisory' and 'Informative' policies?
Signup and view all the answers
What should a password policy mainly establish in an organization?
Signup and view all the answers
What is the main difference between the 'defend' and 'mitigate' risk control strategies?
Signup and view all the answers
What is the primary purpose of an Information Security Policy?
Signup and view all the answers
What is the difference between a 'policy' and a 'standard' in terms of security documents?
Signup and view all the answers
In the context of information security, what does 'governance' refer to?
Signup and view all the answers
Why are security policies considered organizational laws?
Signup and view all the answers