Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which policy authorizes a group of users to perform a set of actions on a set of resources?

  1. Access control policy

  2. Data privacy policy

  3. Incident response policy

  4. Network security policy

The correct answer is: Access control policy

The access control policy is essential for defining permissions and rights within an organization's information systems. It specifies which users or groups have the authority to perform particular actions on various resources, such as files, applications, or database records. This policy ensures that users only have access to the information necessary for their roles, adhering to the principle of least privilege. In contrast, the data privacy policy focuses on how personal data is collected, stored, processed, and shared, aimed at protecting user privacy rather than controlling access. The incident response policy outlines procedures for responding to security breaches or incidents but does not directly address user permissions. The network security policy governs the security measures applied to the organization's network infrastructure, including firewalls and secure communication practices, but it does not define user access rights explicitly. Thus, the access control policy is the most relevant choice for authorizing specific actions for groups of users on designated resources.

More Questions Like This