CompTIA Security+ SY0-701 Practice Question
Which of the following best describes the primary purpose of a security policy?
To provide a high-level framework for an organization's approach to security
To specify encryption standards for data at rest and in transit
To detail specific incident response procedures
To define access control lists for network resources