A security policy will take the form of a document or a collection of documents, depending on the situation or usage. It can become a point of reference in case a violation occurs that results in dismissal or other penalty. Which of the following is NOT true for a good security policy?

A. It must be enforceable with security tools where appropriate and with sanctions where actual prevention is not technically feasible

B. It must be approved by court of law after verifications of the stated terms and facts

C. It must be implemented through system administration procedures, publishing of acceptable use guide lines or other appropriate methods

D. It must clearly define the areas of responsibilities of the users, administrators and management








 

Suggested Answer: B

Community Answer: B



This question is in 212-89 EC-Council Certified Incident Handler Exam
For getting EC-Council Certified Incident Handler (ECIH)








Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council. 
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exams.