CISA/CISM认证学习讨论区

wangfans · 发表于 2008-7-16 23:45

学习

Ryan-liumin · 发表于 2008-7-26 13:25

好贴学习

kingmax9 · 发表于 2008-8-5 11:40

Which of the following should be included in an organization's IS security policy?

A、A list of key IT resources to be secured

B、The basis for access authorization

C、Identity of sensitive security features

D、Relevant software security features

ANSWER: B

NOTE: The security policy provides the broad framework of security, as laid down and approved by senior management. It includes a definition of those authorized to grant access and the basis for granting the access. Choices A, B and C are more detailed than that which should be included in a policy.
答案是否有误？A吧

yu0916 · 发表于 2008-8-5 15:15

appppa · 发表于 2008-8-18 10:09

原帖由 kingmax9 于 2008-8-5 11:40 发表
Which of the following should be included in an organization's IS security policy?

A、A list of key IT resources to be secured

B、The basis for access authorization

C、Identity of sensitive security features

D、Relevant software security features

ANSWER: B

NOTE: The security policy provides the broad framework of security, as laid down and approved by senior management. It includes a definition of those authorized to grant access and the basis for granting the access. Choices A, B and C are more detailed than that which should be included in a policy.
答案是否有误？A吧

policy 不包括具体的东西，A选项 A list of key IT resources to be secured 太过specific

itpub-ryan · 发表于 2008-8-19 11:29

有很多前辈哦

hulmutli765 · 发表于 2008-8-21 15:27

拿到CISM的证书了。550分。
分享一下好心情。呵呵

hulmutli765 · 发表于 2008-8-21 15:31

信息安全里分策划（CXO们主导，CISM的重点）、设计（信息安全主管负责，CISA的重点）、执行（CISSP的重点）、改进几个阶段。A、C、D都是设计和执行中的内容。

appppa · 发表于 2008-8-21 20:39

原帖由 hulmutli765 于 2008-8-21 15:27 发表
拿到CISM的证书了。550分。
分享一下好心情。呵呵

恭喜哦

KOYJ · 发表于 2008-8-22 16:09

好贴，学习中

CISA/CISM认证学习讨论区

回复 #135 appppa 的帖子

浏览过的版块