CISSP-ISSMP · Question #69
Which of the following statements about Due Care policy is true?
The correct answer is C. It identifies the level of confidentiality of information.. Due Care, in the context of information security policy, refers to the standard of care that a reasonable and prudent organization applies to protect its information assets. A Due Care policy identifies the level of confidentiality (classification) of information and prescribes t
Question
Which of the following statements about Due Care policy is true?
Options
- AIt is a method used to authenticate users on a network.
- BIt is a method for securing database servers.
- CIt identifies the level of confidentiality of information.
- DIt provides information about new viruses.
How the community answered
(51 responses)- A4% (2)
- B8% (4)
- C86% (44)
- D2% (1)
Explanation
Due Care, in the context of information security policy, refers to the standard of care that a reasonable and prudent organization applies to protect its information assets. A Due Care policy identifies the level of confidentiality (classification) of information and prescribes the appropriate protective measures for each level. Option A describes authentication, Option B describes server hardening, and Option D describes threat intelligence feeds - none of which relate to Due Care. Due Care is about demonstrating that reasonable, responsible protective steps were taken.
Topics
Community Discussion
No community discussion yet for this question.