(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

The document issued by Triffid Corporation explaining its commitment to best practices is a ______, and the SANS documents are ______.

Law, policy
Policy, standard
Policy, law
Procedure, procedure

The correct answer is: Policy, standard

The correct answer identifies the document issued by Triffid Corporation as a policy and categorizes the SANS documents as standards. A policy serves as a guiding principle that outlines an organization's approach to managing its operations concerning certain areas, such as cybersecurity best practices. It reflects the organization's commitment to certain behaviors or goals, guiding decision-making and establishing expectations for employees. In this context, the SANS documents are categorized as standards. Standards provide specific criteria or benchmarks that must be met in order to comply with an overarching policy. They offer detailed guidance on how to achieve the objectives laid out in the policy, often including technical specifications or best practices that help ensure consistent implementation across the organization. Understanding the distinction between policy and standards is critical in cybersecurity management, as policies provide the high-level framework and intent, while standards lay out the practical applications of meeting those objectives. The other answer choices do not appropriately match the definitions and intended uses of these terms within the context of organizational practices.