nerdexam
(ISC)2

CISSP-ISSMP · Question #69

Which of the following statements about Due Care policy is true?

The correct answer is C. It identifies the level of confidentiality of information.. Due Care, in the context of information security policy, refers to the standard of care that a reasonable and prudent organization applies to protect its information assets. A Due Care policy identifies the level of confidentiality (classification) of information and prescribes t

Security Leadership and Management

Question

Which of the following statements about Due Care policy is true?

Options

  • AIt is a method used to authenticate users on a network.
  • BIt is a method for securing database servers.
  • CIt identifies the level of confidentiality of information.
  • DIt provides information about new viruses.

How the community answered

(51 responses)
  • A
    4% (2)
  • B
    8% (4)
  • C
    86% (44)
  • D
    2% (1)

Explanation

Due Care, in the context of information security policy, refers to the standard of care that a reasonable and prudent organization applies to protect its information assets. A Due Care policy identifies the level of confidentiality (classification) of information and prescribes the appropriate protective measures for each level. Option A describes authentication, Option B describes server hardening, and Option D describes threat intelligence feeds - none of which relate to Due Care. Due Care is about demonstrating that reasonable, responsible protective steps were taken.

Topics

#Due Care#Information Security Policy#Information Classification#Security Management

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice