Correct & 100% Verified Answers |Guaranteed to Pass
Enterprise Security Architecture (ESA) ✔Correct Answer-Focused on setting the long-term
strategy for security services in the enterprise.
Regulatory Compliance ✔Correct Answer-Regulations mandated by law usually requiring
regular audits and assessments.
Prescriptive Frameworks ✔Correct Answer-A framework that describes specific cybersecurity
issues, such as security controls, which must be addressed. Examples are COBIT, ITIL, ISO, and
PCI DSS.
Risk-based Frameworks ✔Correct Answer-A framework that focuses on the management and
measurement of risk.
Code of Ethics ✔Correct Answer-Set of rules or standards that help to promote ethical
actions.
Acceptable Use Policy (AUP) ✔Correct Answer-Defines how users should use information and
network resources in an organization.
Password Policy ✔Correct Answer-Defines the requirements for passwords within the
organization.
Data Ownership Policy ✔Correct Answer-Defines who will be responsible for what data. It
should identify ownership, who is responsible for protecting the data, how privacy will be
protected, and how data will be shared.
Account Management Policy ✔Correct Answer-Defines who creates accounts, supports user
accounts, and who closes accounts upon termination.
Data Retention Policy ✔Correct Answer-Defines how data is managed and disposed of.
Monitoring Policy ✔Correct Answer-Specifies when and how systems should be monitored.
Security Frameworks ✔Correct Answer-List of objectives and actions designed to mitigate the
risk of an attack.
Framework-based Governance ✔Correct Answer-Helps evaluate the performance of those
responsible for installing, maintaining, and securing IT assets.