Effective CISSP Questions

You are the system owner of the ERP system and have selected baseline controls from a security control framework. A security control specified in the baseline needs to be modified based on system-specific requirements. Which of the following is the best means to justify the adjustment? (Wentz QOTD)
A. Information security policy
B. The result of risk assessment
C. The impact level of the system
D. The high watermark of the information types processed by the system

Read more of this post

Wentz Wu | September 8, 2021 at 7:37 pm | Categories: QOTD, Technology, 每日一題 | URL: https://wp.me/p2X0VJ-8Cw
Comment