The purpose of security policies and procedures in an organization is to establish guidelines, rules, and best practices to protect the organization's assets, data, and resources from potential threats and vulnerabilities.

To increase employee productivity

To promote work-life balance

To enhance customer satisfaction

Mandatory access control is more flexible than discretionary access control.

The main difference is in who sets the access rights: system administrator for mandatory access control, resource owner for discretionary access control.

Discretionary access control is only used in government systems.

Mandatory access control allows users to set their own access rights.

Cryptography slows down the data transmission process due to complex encryption methods.

Cryptography changes the data format to make it easier to intercept during transmission.

Cryptography compresses data to reduce its size during transmission.

Cryptography encrypts data using algorithms and keys to keep it secure during transmission.

Detection, Analysis, Remediation, Validation, Documentation

Assessment, Isolation, Resolution, Backup, Reporting

Prevention, Response, Mitigation, Restoration, Evaluation

Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned

Firewalls play a crucial role in enforcing network security protocols by monitoring and controlling traffic flow.

Firewalls are used to create network connections

Firewalls are responsible for managing software updates

Firewalls are designed to enhance network speed

Identifying and assessing risks does not impact security measures

Cybersecurity can be maintained without considering potential risks

Risk management is not important for cybersecurity

Risk management helps identify, assess, and prioritize potential risks to information assets, enabling the implementation of appropriate security measures.

Biometric authentication methods, Firewall configurations, Data backup procedures

Physical security measures, Network monitoring tools, Cloud computing services

Software development practices, Employee break policies, Marketing strategies

Access control measures, Data encryption protocols, Incident response procedures, Security awareness training, Regular security audits