Which policy element is discretionary?

Prepare for the Network Security (NETSEC) 2 Exam. Utilize flashcards and multiple choice questions, complete with hints and detailed explanations. Excel in your security skills!

Multiple Choice

Which policy element is discretionary?

Explanation:
Discretion in policy elements comes from whether compliance is required or left to judgment. In security policy frameworks, standards establish mandatory requirements that must be followed, while guidelines are recommended practices that teams can choose to implement or adapt based on context, resources, and risk. This makes guidelines the discretionary element: they guide behavior without enforcing it. A standard might require MFA for remote access, which is a non-discretionary mandate; guidelines would suggest MFA as a best practice but not require it in every situation. Therefore, the discretionary element is guidelines.

Discretion in policy elements comes from whether compliance is required or left to judgment. In security policy frameworks, standards establish mandatory requirements that must be followed, while guidelines are recommended practices that teams can choose to implement or adapt based on context, resources, and risk. This makes guidelines the discretionary element: they guide behavior without enforcing it. A standard might require MFA for remote access, which is a non-discretionary mandate; guidelines would suggest MFA as a best practice but not require it in every situation. Therefore, the discretionary element is guidelines.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy