CompTIA Security Plus Mock Test Q327

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?
A. Security control frameworks
B. Best practice
C. Access control methodologies
D. Compliance activity


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Best practices are based on what is known in the industry and those methods that have consistently shown superior results over those achieved by other means. Furthermore best practices are applied to all aspects in the work environment.

Incorrect Answers:
A: Security control frameworks refer to the backbone of SAFE (architecture) and unification is the underlying key to security which incorporates all ptrs of the network, including theWAN, the extranet, the Internet, and the intranet.
C: Access control methodologies refer to Mandatory- Discretionary- and Rule-based access control types that can be implemented.
D: Compliance activity usually comes into focus when a third party involvement is being considered.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 29