
本帖最后由 宅男女神 于 2016-1-24 17:15 编辑 CISSP正版题库TestKing.v10 245Q
8 {' V. r# B" D& C5 q3 C$ D6 M
, k# S6 t3 e& j, g, s) @ H7 o. o课程介绍、目录及截图:* H; F& m, t, y" K) d' H* t0 E
Exam A+ ~# W, H h. u- M
QUESTION 1
( n+ F4 }1 B+ D ^All of the following are basic components of a security policy EXCEPT the/ d+ i5 f. G8 S9 s' G9 ? O
A. definition of the issue and statement of relevant terms.) y1 i( ~- V1 z3 K6 O
B. statement of roles and responsibilities5 T3 V5 p+ U# T9 z" G2 H
C. statement of applicability and compliance requirements.4 R0 ?) l% H' D
D. statement of performance of characteristics and requirements.
: w0 Y: l( U4 X9 f2 a9 x8 KCorrect Answer: D6 ~4 @6 `% L ` k4 j/ B8 @- s
Explanation; ]1 H3 ^% w/ D# L9 ~% f3 M5 U
Explanation/Reference:1 @. {: F8 ^( g% s7 A7 @- ?
Explanation: Policies are considered the first and highest level of documentation, from which the lower level$ @6 v! G4 X7 ~4 {' n
elements of standards, procedures, and guidelines flow. This order, however, does not mean that policies are! f8 d0 u d6 w8 ^
more important than the lower elements. These higher-level policies, which are the more general policies and3 R; t) v+ P7 c6 @' g6 x+ E7 k9 \
statements, should be created first in the process for strategic reasons, and then the more tactical elements" [% p7 v- T6 i& q
can follow. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 13
# \/ A3 `* w: Q' E. N' P3 @QUESTION 2, V; ]! h( ?3 |1 G
A security policy would include all of the following EXCEPT( z! b/ N" _* W5 f( g/ f- E
A. Background+ j9 F8 ^" A% |& t$ Q5 l C- U
B. Scope statement) }4 ^8 Z' u! @9 N
C. Audit requirements
" b" n t! D: [( e3 d6 Z) dD. Enforcement
1 \+ C0 i! n0 J+ l0 l/ j; nCorrect Answer: B, i! `0 F6 `$ X% n& G+ `5 y/ m
Explanation3 }2 ^0 _* Z1 |: m! [- Q
Explanation/Reference:
2 L/ z2 j, C _' M( h% uExplanation:
9 w' U' t5 y1 p0 S; @4 ~3 h"Pass Any Exam. Any Time." - www.actualtests.com 2
6 s1 I1 P. s2 L$ H& {- D6 JISC CISSP Exam' q6 b. X8 Z* {9 N% R# d
QUESTION 3
5 s! H' w5 X; L$ Q$ SWhich one of the following is an important characteristic of an information security policy?
8 ]% A- h% n) JA. Identifies major functional areas of information.
* W8 C, F" b& N; N, tB. Quantifies the effect of the loss of the information.# W0 V0 x- v o: x6 X, h7 f
C. Requires the identification of information owners.( a# v7 U4 v' ^% L- Q% b8 [
D. Lists applications that support the business function.
i" C$ U6 G- t( W- x5 W6 PCorrect Answer: A
- N+ E& r" [" J* p5 ^# F" xExplanation4 e; n' O5 G# H6 ^9 R u
Explanation/Reference:8 _4 v" P' z' d. w
Explanation: Information security policies area high-level plans that describe the goals of the procedures./ [ {0 R P, ?, F& b
Policies are not guidelines or standards, nor are they procedures or controls. Policies describe security in
8 y4 V) ~' o0 V v7 v9 v# }# X" p1 rgeneral terms, not specifics. They provide the blueprints for an overall security program just as a specification
1 m. \) g5 t8 ]defines your next product - Roberta Bragg CISSP Certification Training Guide (que) pg 2064 B! d# ], U. F
QUESTION 4& v; m* I5 z9 ?6 Y& v
Ensuring the integrity of business information is the PRIMARY concern of9 L: y6 p- I# N3 Q
' O$ `7 `4 V* r0 w* a
下载链接: 论坛便捷链接:7 G) Q# I' [0 ~
9 ]3 |! y9 W2 i/ Z& Z2 P
能帮助您和更多的人找到自己想要的资料并取得更大进步,是我们最大的愿望。 | , @1 g- f: A) U
|
|