CERTIFIED-IN-CYBERSECURITY · Question #338
CERTIFIED-IN-CYBERSECURITY Question #338: Real Exam Question with Answer & Explanation
The correct answer is A: Policies. Policies should be regularly reviewed and updated to ensure that an organization's cybersecurity practices remain effective and current. As the threat landscape and an organization's environment evolve, policies should be revised to reflect those changes and maintain the organiza
Question
To ensure cybersecurity practices remain effective, which documents should be regularly updated and reviewed?
Options
- APolicies
- BRegulations
- CStandards
- DProcedures
Explanation
Policies should be regularly reviewed and updated to ensure that an organization's cybersecurity practices remain effective and current. As the threat landscape and an organization's environment evolve, policies should be revised to reflect those changes and maintain the organization's security posture (see ISC2 Study Guide, Module 4, under Governance Elements). The remaining options are not typically reviewed and updated regularly to ensure that an organization's cybersecurity practices remain effective and current. Procedures are detailed documents that provide the granular steps required to implement a specific security measure or process. Regulations are external documents that are driven by industry requirements or government regulations. Standards provide a common set of best practices, guidelines, or requirements that can be applied across organizations within an industry
Topics
Community Discussion
No community discussion yet for this question.