Question: Which of the following defines the intent of a system security policy?
A. A definition of the particular settings that have been determined to provide optimum security.
B. A brief, high-level statement defining what is and is not permitted during the operation of the system.
C. A definition of those items that must be excluded on the system.
D. A listing of tools and applications that will be used to protect the system.

Download pdf (with explanations) edition of this exam.