ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An enterprise operating multiple AWS accounts wants to establish stronger governance and tasks an SSCP-certified practitioner with writing a Cloud Acceptable Use Policy that will serve as an administrative security control complementing existing technical safeguards. Following industry guidance for security policies, which type of information should the practitioner emphasize in the policy?
An exhaustive inventory of every S3 bucket and its encryption status, updated weekly.
Specific metrics and thresholds required to trigger auto-scaling actions for production workloads.
High-level statements of management intent that define acceptable and unacceptable behavior when using organizational and cloud resources.
Detailed step-by-step procedures for configuring AWS Identity and Access Management (IAM) roles and policies.
Security policies are administrative controls that communicate management's intent and expectations. They are concise, high-level statements that describe allowed and prohibited activities, set overall direction, and assign authority. Policies do not contain the granular how-to steps found in procedures, the numeric thresholds found in standards or baselines, or constantly changing asset inventories. Therefore, focusing the Cloud Acceptable Use Policy on broad directives that define acceptable and unacceptable behavior is the correct approach, while the other options describe content better suited for supporting documents such as procedures, standards, or operational inventories.
Security Concepts and Practices