CERTIFIED-IN-CYBERSECURITY · Question #409
CERTIFIED-IN-CYBERSECURITY Question #409: Real Exam Question with Answer & Explanation
The correct answer is B: Reduce the potential of security breaches to an acceptable level. The primary goal of a well-designed security policy is to reduce the potential for security breaches to an acceptable level (see ISC2 Study Guide, Chapter 5, Module 3). A security policy outlines an organization's rules, procedures, and practices for protecting its systems and da
Question
What does a well-designed security policy aim to achieve?
Options
- AReduce the cost of system operations
- BReduce the potential of security breaches to an acceptable level
- CIncrease the potential of security breaches
- DReduce the complexity of the system
Explanation
The primary goal of a well-designed security policy is to reduce the potential for security breaches to an acceptable level (see ISC2 Study Guide, Chapter 5, Module 3). A security policy outlines an organization's rules, procedures, and practices for protecting its systems and data. For example, an organization might have a security policy that requires all employees to use complex passwords and change them every 60 days. This policy would help reduce the risk of unauthorized access to the company's systems. As for the other options, increasing the potential for security breaches is the opposite of what a security policy is designed to do. While a well- designed security policy can contribute to more efficient system operations and potentially reduce costs, this is not its primary goal. While a less complex system may be easier to secure, reducing the complexity of the system is not the primary goal of a security policy.
Topics
Community Discussion
No community discussion yet for this question.