Frequent Questions      

     Security+ Practice Questions

 

Security policy audit

Home
Up                        Previous    

Q10. Which of the following policies describes the type of authorization required to perform a port scan of an organization's internetwork?

A. Acceptable use policy

B. Antivirus policy

C. Audit policy.

D. Nondisclosure agreement

  Correct Answer: C

 

Explanation:

Security policies describe the vulnerability assessments, incident-response guidelines, logs, and other security procedures. Some of the important security policies are:

1. Acceptable use policy: Describes the acceptable use of an organization's resources including computer hardware, software, email, and Internet resources.

2. Antivirus policy: Describes the measures to be taken for preventing and/or curing virus damage to a Corporate computer network.

3. Audit policy: An Audit policy helps you get the following:

a. Risk assessment, identification of all the potential threats and vulnerabilities within a company's IT systems, covering policies, processes, networks and applications.
b. Details of authorization, investigation, and user compliance.
c. A baseline for developing your organization's information security strategy.

4. Non-disclosure agreement: Agreement with a user for preventing sensitive information disclosure.

5. Password Policy: Describes password requirements including password length, duration, and guidelines.

6. Remote Access Policy: Describes access requirements for remote users.

7. Server security policy: Describes the security precautions to be taken such as isolating the internal server from web server (through the use of buffer zones such DMZ).

Home
Up                      Previous     

 


Disclaimer: All Simulation Exams practice tests, study guides and/or material are neither sponsored by, nor endorsed by, nor affiliated with Cisco® Systems, Inc., Microsoft® Corporation, Inc., CompTIA® , Check Point Software Corp., Prosoft® or any other company. All trademarks are trademarks of their respective owners and duly  acknowledged. MCSE ™, MCSE+I ™ are registered trademarks of Microsoft® Corporation and CCNA™, CCNP™, CCIE™ are registered trade marks of Cisco® Systems. A+™, Network+™, i-Net+™, Server+™ are registered trade marks of CompTIA®. CCSA™, CCSE™ are registered trademarks of CheckPoint® Software Corp. CIW™ is a trade mark of Prosoft®. Thank-you for your interest in Simulation Exams. Please see read me file before you download, install, and/or use any software from SimulationExams.com  For any information or questions regarding this Website, please e-mail webmaster at simulationexams.com

Copyright © 2000-2015 SimulationExams.com All rights reserved

Website design by Anandsoft.com