B. The information classification policy discusses information sensitivity and access to information.
B. The configuration management policy is concerned with how systems are configured and what software can be installed on systems.
A. Change documentation involves keeping records about how your network or organization changes over time.
B. Enforcement of policies, procedures, and standards is essential for effective sustainability of security efforts. The saying "Inspect what you expect" is relevant in this situation.
D. Information retention policies dictate what information must be archived and how long those archives must be kept.
A. Configuration management policy dictates the configurations and upgrades of systems in an organization.
C. Network technology and administration would not be covered in a user security-awareness program. Issues of policy, responsibilities, and importance of security would be key aspects of this program.
A. Managers would derive the most benefit from a high-level explanation of security threats and issues. Users need to know how to follow the policies and why they are important. Developers and network administrators need specific and focused information on how to better secure networks and applications.
A. Users should be placed in groups and managed by membership in those groups.
B. Access control lists (ACLs) hold permissions for users and groups.
C. The domain password permission identifies who can reset the password of a user object.
D. Logical tokens are similar in content to certificates. They contain the rights and access privileges of the token bearer.
A. Group policies allow you to automatically implement restrictions on operating system components.
3.149.243.130