|
|
เตรียมตัวสอบ CISA
| Area 02 : Question 13 ( C1 - 13 ) |
|
3
4
|
Question : Which of the following should NOT be included in an organization's IS security policy ?
| A) |
Access philosophy |
| |
| B) |
Access authorization |
| |
| C) |
Importance of security awareness |
| |
| D) |
Identity of sensitive security features |
| Question |
| |
( ) |
|
| |
| Choice : A |
| |
| Choice : B |
| |
| Choice : C |
| |
| Choice : D |
The Correct Answer is :
D. Identity of sensitive security features
Explanation :
The security policies provided to all employees should not identify such sensitive security features such as password file names, technical security configurations, methods to bypass electronic security or system software files.
They should include all of the other components listed in this question.
|
