Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
An IT security policy aims to protect the organization's: (most important)
IT assets
Software
Personnel
Physical assets
The answer included all of these, nevertheless, Personnel (Human Life) is the utmost to take care, always over assets, data, etc. ::: You guys include way too many "all of these" softballs. ::: x8
Information security policies, standards, procedures, and plans exist for one reason—to protect the organization and, by extension, its constituents from harm. Edit: I think that this question needs reworded.
EDIT: All these are equally important. Options need to be modified to include the most important down to the least important.
EditEdit: I disagree. A Disaster Recovery Plan must put Personnel safety above all, but an IT Security Policy protects IT Assets. In fact, the Policy should be designed to protect the IT assets from Personnel, who present the biggest risk. Before you say "It said "Security Policy".... This is the CISSP exam.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.