exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 248 discussion

Actual exam question from ISC's CISSP
Question #: 248
Topic #: 1
[All CISSP Questions]

What is the FIRST step for an organization to take before allowing personnel to access social media from a corporate device or user account?

  • A. Publish an acceptable usage policy.
  • B. Publish a social media guidelines document.
  • C. Deliver security awareness training.
  • D. Document a procedure for accessing social media sites.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
74gjd_37
5 months, 3 weeks ago
Selected Answer: A
The correct answer is A. Publish an acceptable usage policy. Before allowing personnel to access social media from a corporate device or user account, the organization should publish an acceptable usage policy that outlines the acceptable use of social media and the consequences of violating the policy. This policy should be communicated to all personnel and should cover topics such as the types of social media that are allowed, the types of content that can be posted, and the risks associated with social media use. The policy should also outline the procedures for reporting incidents and the consequences of violating the policy.
upvoted 4 times
...
HughJassole
9 months, 2 weeks ago
D. This question asks for the FIRST step. The first step is to write a doc on how to access, then you publish it and train employees. It has to be written first.
upvoted 3 times
...
RVoigt
1 year ago
Selected Answer: A
CISSP Official Study Guide pg 96 "Workers can easily waste time and system resources by interacting with social media when that task is not part of their job description. The company's acceptable user policy (AUP) should indicate that workers need to focus on work while at work rather than spending time on personal or non-work-related tasks."
upvoted 3 times
jackdryan
10 months, 1 week ago
A is correct
upvoted 1 times
...
...
init2winit
1 year, 2 months ago
Selected Answer: A
AUP.. Employees sign when they start as it applies to Corporate owned assets.
upvoted 4 times
...
DJOEK
1 year, 2 months ago
Selected Answer: A
An acceptable usage policy (AUP) is a document that outlines the acceptable and prohibited behaviors for personnel when using organizational resources, such as computers, networks, and user accounts. This includes guidelines for the use of social media, both in terms of content and interactions.
upvoted 4 times
...
rajkamal0
1 year, 2 months ago
Selected Answer: C
I go with C. The security awareness training should come first before AUP.
upvoted 1 times
...
CertifyYou
1 year, 3 months ago
Selected Answer: A
AUP is done first as it has to be sign when allowed to use a corporate device. So A.
upvoted 2 times
...
sec_007
1 year, 3 months ago
Selected Answer: C
C is correct and encompasses everything the employee should follow in this scenario.
upvoted 1 times
...
Jamati
1 year, 4 months ago
Selected Answer: C
First conduct security awareness training on the dangers of social media and social engineering, then publish an acceptable use policy. Social media can be a means by which workers intentionally or accidentally distribute internal, confidential, proprietary, or PII data to outsiders. This may be accomplished by typing in messages or participating in chats in which they reveal confidential information. This can also be accomplished by distributing or publishing sensitive documents.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago