Network Defense Essentials (NDE) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the Network Defense Essentials Test. Prepare with flashcards and multiple choice questions, complete with hints and explanations. Get ready for your NDE exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which security policy framework addresses specific systems and includes DMZ and encryption policies?

Enterprise security policy
System-specific security policy (SSSP)
Issue-specific security policy (ISSP)
Network security policy

The correct answer is: System-specific security policy (SSSP)

The system-specific security policy (SSSP) is designed to provide guidance and requirements for individual systems within an organization. It focuses on the specific security controls pertinent to particular systems, which may include configurations related to the demilitarized zone (DMZ) and encryption requirements. The SSSP aims to address the unique security needs that arise from different types of systems operating within the broader organizational framework. This makes it the most suitable answer since it emphasizes particular technical measures necessary for the secure operation of specific systems, which can include the management of DMZ configurations — where external and internal network zones meet — and encryption policies to protect data both at rest and in transit. Other policy frameworks, such as the enterprise security policy, provide a high-level overview of the overall security strategy of an organization, while the issue-specific security policy and network security policy typically focus on specific issues or broader network guidelines, rather than on distinct systems with tailored controls. Thus, the SSSP is the most appropriate choice when discussing specific security measures for distinct systems, including DMZ and encryption.