Which of the following policies is used to add additional information about the overall security posture and serves to protect employees and organizations from inefficiency or ambiguity?

Which of the following policies is used to add additional information about the overall security posture and serves to protect employees and organizations from inefficiency or ambiguity?
A . User policy
B . IT policy
C . Issue-Specific Security Policy
D . Group policy

View Answer

Answer: C

Explanation:

The Issue-Specific Security Policy (ISSP) is used to add additional information about the overall security posture. It helps in providing detailed, targeted guidance for instructing organizations in the secure use of tech systems. This policy serves to protect employees and organizations from inefficiency or ambiguity.

Answer option A is incorrect. A user policy helps in defining what users can and should do to use network and organization’s computer equipment. It also defines what limitations are put on users for maintaining the network secure such as whether users can install programs on their workstations, types of programs users are using, and how users can access data.

Answer option B is incorrect. IT policy includes general policies for the IT department. These policies are intended to keep the network secure and stable. It includes the following:

Virus incident and security incident

Backup policy

Client update policies

Server configuration, patch update, and modification policies (security)

Firewall policies

Dmz policy, email retention, and auto forwarded email policy

Answer option D is incorrect. A group policy specifies how programs, network resources, and the operating system work for users and computers in an organization.