SY0-501 · Question #507
SY0-501 Question #507: Real Exam Question with Answer & Explanation
The correct answer is C: provides step-by-step instructions for performing a task.. In security governance, different documents serve distinct purposes. A procedure is specifically an operational document that provides detailed, step-by-step instructions for carrying out a specific task.
Question
A procedure differs from a policy in that it:
Options
- Ais a high-level statement regarding the company's position on a topic.
- Bsets a minimum expected baseline of behavior.
- Cprovides step-by-step instructions for performing a task.
- Ddescribes adverse actions when violations occur.
Explanation
In security governance, different documents serve distinct purposes. A procedure is specifically an operational document that provides detailed, step-by-step instructions for carrying out a specific task.
Common mistakes.
- A. A high-level statement regarding the company's position on a topic describes a policy, not a procedure - policies set the organizational intent and direction without specifying how tasks are carried out.
- B. Setting a minimum expected baseline of behavior describes a standard, which defines the specific mandatory requirements that support a policy rather than providing step-by-step operational guidance.
- D. Describing adverse actions when violations occur relates to enforcement mechanisms or disciplinary procedures within a policy framework, not the operational definition of a procedure.
Concept tested. Distinguishing policy, standard, procedure, and guideline
Reference. https://csrc.nist.gov/publications/detail/sp/800-12/rev-1/final
Community Discussion
No community discussion yet for this question.