During a quarterly review of security practices, an organization's CISO asks the ethical-hacking team to pinpoint which ongoing activity most clearly demonstrates due diligence, rather than merely due care, in managing the risks associated with remote-access authentication. Which of the following activities best satisfies the due-diligence requirement?
Distributing a notice to employees reminding them that all account activity is monitored.
Publishing an executive policy that mandates multifactor authentication for all remote access.
Purchasing cyber-insurance to offset potential losses from authentication failures.
Performing regular vulnerability scans to confirm that multifactor authentication is correctly enforced across systems.
Due care is the establishment of prudent, high-level security measures such as policies, user notices, or insurance to show management's intent to protect assets. Due diligence is the continuing, hands-on effort to verify that those measures are actually implemented and effective. Running regular vulnerability scans to confirm that multifactor authentication is enforced exemplifies due diligence because it actively tests and monitors the control's operation. The other options represent largely administrative or one-time actions, which fall under due care but do not provide the continuous technical validation required for due diligence.
Certified Ethical Hacker (CEH)
Information Security and Ethical Hacking Overview