CompTIA CASP+ Practice Test

What is the best course of action for a junior security administrator facing repeat policy violations in a department?

• A. Increase surveillance on the department
• B. Draft an MOU outlining acceptable behaviors
• C. Schedule a meeting with the board
• D. Restrict access to sensitive systems

The correct answer is: Draft an MOU outlining acceptable behaviors

Drafting a Memorandum of Understanding (MOU) outlining acceptable behaviors is an effective approach for addressing repeat policy violations in a department. An MOU serves as a formal agreement that clarifies expectations regarding security practices and behaviors that are required within the department. By creating a clear set of guidelines, the junior security administrator can foster a better understanding of what is expected from the employees and the consequences of non-compliance. This method can also promote dialogue and transparency between management and staff, which is crucial for building a culture of security compliance. It provides an opportunity for the employees to ask questions and seek clarification about the policies, ultimately leading to improved adherence. Further, an MOU can serve as a reference point for training and can be revisited regularly to ensure that it remains relevant and comprehensible as policies evolve. This proactive strategy focuses on education and cooperation, rather than immediate punishment or increased surveillance, which may lead to further dissatisfaction or resistance among employees. In contrast, increasing surveillance might raise privacy concerns and potentially lead to morale issues, while scheduling a meeting with the board may not directly address the immediate need for clarification and understanding at the department level. Restricting access to sensitive systems could be seen as punitive and may trigger resentment, possibly exacerbating the