To fill the first blank, select one of the options below. The other option will automatically appear in the second blank.
procedures
policies
Security policies define which of a company's resources are to be protected, whereas security procedures define how to protect them.
2. Which of the following should be the first step in developing a security policy?
Choose an option.
Assigning risk factors
Prioritizing resources
Classifying resources
Defining acceptable and unacceptable activities 3. Which of the following statements best describes a company's information protection policy?
Choose an option.
It defines methods of remotely connecting to the main network
It provides guidelines on how users should process, store, and transmit sensitive information
It provides guidelines for reporting and managing virus infections
It defines the appropriate use of computing resources