Who should have access to the security policy?a.Senior managementb.IT staffc.Everyoned.Business users

Permits the specification and enforcement of enterprise-specific security policies in a way that maps more naturally to an organization's structure and business activities.System Access controlRole-based access controlDiscretionary access controlMandatory access control;

You are the IT manager of a medium-sized company. You want to ensure that employees only have access to the data and systems necessary for their job roles. What administrative control should you implement?1.0 MarksEncryptionLeast Privilege Antivirus SoftwareBiometric AuthenticationFirewall

Among the following which one is the most important when it comes to protection of company or individual information as a security administrator a. Protection and proper use of company or client personal information b. Know the processes to protect company's information c. Build proper security practices within the organization d. all of the above

3A company’s website policy states that ”To gain access to the corporate website, each employee must provide a valid user name and password, and then answer one of six security questions accurately.”Which type of security does the policy address?

A security professional is auditing user permissions at their organization to ensure that only the customer service, sales, and marketing teams have access to customer data. Which domain does this scenario describe?1 pointAsset securitySecurity assessment and testingSecurity and risk managementCommunication and network security