Crucial Exams

ISC2 Governance, Risk and Compliance (CGRC) Practice Question

A CGRC holds quarterly compliance reviews. You find production firewall configuration commits lack any linkage to approved change tickets, making audits difficult. Which control enhancement would most directly improve traceability while still allowing daily operational changes?

  • Configure the change management or version-control tool to auto-insert the approved ticket ID into every commit and require signed commits.

  • Permit administrators to implement urgent rule changes directly on devices and record them manually at month-end.

  • Disable configuration locking so multiple engineers can edit concurrently and speed up deployments.

  • Store all change documentation on an unversioned shared drive instead of in the change-tracking system.

ISC2 Governance, Risk and Compliance (CGRC)
Compliance Maintenance
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot