Explanation/Reference:
Explanation:
Everything not explicitly permitted is forbidden (default deny) improves security at a cost in functionality.
This is a good approach if you have lots of security threats. On the other hand., ""Everything not explicitly forbidden is permitted"" (default permit) allows greater functionality by sacrificing security. This is only a good approach in an environment where security threats are non- existent or negligible.

Section: Governance and Management of IT

Information Leakage Detection and Prevention (ILD&P) is a computer security term referring to systems designed to detect and prevent the unauthorized transmission of information from the computer systems of an organization to outsiders. Network ILD&P are gateway-based systems installed on the organization's internet network connection and analyze network traffic to search for unauthorized information transmissions. Host Based ILD&P systems run on end-user workstations to monitor and control access to physical devices and access information before it has been encrypted.

Explanation/Reference:
Explanation:
The use of an automated password management tool is a preventive control measure. The software would prevent repetition (semantic) and would enforce syntactic rules, thus making the passwords robust. It would also provide a method for ensuring frequent changes and would prevent the same user from reusing their old password for a designated period of time. Choices A, B and D do not enforce compliance.

Explanation/Reference:
Explanation:
Obtaining user approval of program changes is very effective for controlling application changes and maintenance.