In this lab, you will research security policy frameworks. Next, you will determine the appropriate security policy definitions to mitigate specific risks, threats, or vulnerabilities. You will organize your results into a framework that can become part of a layered security strategy. This is a Theory Lab and does not require the use of a virtual environment.

Part $1$: Research Security Policy Frameworks

Summarize the Policy Development Guide$$s recommendations for organizing a policy hierarchy and selecting policy topics.

Describe the core principles and objectives of COBIT $2019.$

Part $2$: Define a Security Policy Framework

For each risk, threat, or vulnerability in the list above, select an appropriate security policy that might help mitigate it$.$ You can select one of the SANS policies or choose one from the following list.

Organize the security policies you selected so that they can be used as part of an overall framework for a layered security strategy.