Home » ISC » CISSP-2018 » An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is
An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is
A. organization policy.
B. industry best practices.
C. industry laws and regulations.
D. management feedback.
Correct Answer: A
Explanation/Reference:
Download Printable PDF. VALID exam to help you PASS.
|
|
hi, \m/ ( ͡ᵔ ͜ʖ ͡ᵔ ) \m/
A is the best answer, as Organization policy normally is derived from both best practices and regulations, however some time it is more strict.
I’m not sure I agree with A as the correct answer. Although it is a valid answer, most organizational policies are derived or modeled from IT frameworks like NIST and ITIL that provide best practices. Therefore, I believe the correct answer is B – industry best practices.