Which option demonstrates that an organization is meeting recognized obligations in protecting resources across multiple areas, reducing potential claims of negligence?
Maintaining documented security procedures aligned with recognized external requirements for each area of the environment
Requiring that all users inspect their own systems for vulnerabilities without providing resources or training
Keeping a minimal log of access attempts that focuses on top executives and ignores lower-level users
Applying least-privilege controls to specialized systems while avoiding the rest of the corporate network
Maintaining documented procedures aligned with recognized external requirements shows consistent accountability. This indicates the organization has identified standards it must uphold and is implementing them. Relying on limited logging, requiring users to address vulnerabilities on their own without guidance, or focusing protections on a small portion of systems do not fulfill the broader obligations for security practices.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'recognized external requirements' mean in security procedures?
Open an interactive chat with Bash
Why are documented security procedures important?
Open an interactive chat with Bash
What is 'least-privilege' and how does it differ from broad security obligations?