ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization's CIO signs a one-page document that declares: "All remote administrative access to production servers must employ multifactor authentication; any session established without MFA is expressly forbidden." The document contains no technical details or implementation steps. From a security governance perspective, this document is best classified as which type of administrative control?
A security policy is a brief, high-level statement of management's intent and overall requirements. It establishes mandatory rules (in this case, that MFA is required for all remote administrative access) without prescribing the exact technology or step-by-step process to achieve them. A standard would specify the exact technologies or configurations to satisfy the policy, a procedure would provide detailed instructions for implementing the requirement, and a baseline would define the minimum technical settings to be applied uniformly. Because the document merely states what must be achieved and carries executive authority, it is a policy.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a security policy and a security standard?
Open an interactive chat with Bash
Why are security policies considered administrative controls?
Open an interactive chat with Bash
How does a security policy differ from a security baseline?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .