An effective information security policy should not have which of the following characteristic?

SSCP 0 Comments

An effective information security policy should not have which of the following characteristic?
A .  Include separation of duties
B .  Be designed with a short- to mid-term focus
C .  Be understandable and supported by all stakeholders
D .  Specify areas of responsibility and authority

Answer: B

Explanation: An effective information security policy should be designed with a long-term focus. All other characteristics apply. Source: ALLEN, Julia H., The CERT Guide to System and Network Security Practices, Addison- Wesley, 2001, Appendix B, Practice-Level Policy Considerations (page 397).

Latest SSCP Dumps Valid Version with 1074 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SSCP PDF     SSCP Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments