CERTIFIED-IN-CYBERSECURITY · Question #265
The correct answer is D: Standards.
Question
Which of the following is a set of best practices, guidelines, or requirements that is widely accepted within an industry and helps organizations maintain a consistent level of security?
Options
- A. Regulations
- B. Policies
- C. Procedures
- D. Standards
Explanation
Standards are a set of best practices, guidelines, or requirements widely accepted within an industry (see ISC2 Study Guide, Module 4, under Governance Elements). The ISO/IEC 27000 family is an example: these standards help organizations improve their information security management and maintain a consistent level of security, and they can also be used as a benchmark for evaluating an organization's cybersecurity posture. Procedures are specific steps to be taken to complete a task, such as a security procedure. Policies, such as a security policy, are high-level statements of intent that guide decision-making. Regulations are laws or rules that must be followed, such as a data privacy regulation. Standards differ from the other options in that they are not legally binding, but they are widely accepted and help organizations maintain consistent security.