ISC2 Governance, Risk and Compliance (CGRC) Practice Question
While documenting the System Security Plan for a newly deployed cloud-based case-management system, the security architect must define the system's authorization boundary. Which element is most essential to capture in that boundary description to meet RMF requirements?
A roster of users who have privileged roles within the case-management application
An appendix outlining the data-retention schedule for each record type handled by the system
The organization's enterprise-wide privacy policy and related procedures
A comprehensive inventory of all hardware, software, and network interfaces that store, process, or transmit the system's information
The primary purpose of an authorization boundary is to identify every component that stores, processes, or transmits the system's information so that assessors and authorizing officials know precisely what must be protected and evaluated. Listing all hardware, software, and network interfaces establishes the scope of the security assessment and control implementation. Although data-retention schedules, privileged-user lists, and overarching privacy policies are important artifacts within a complete System Security Plan, they do not by themselves establish where the system begins and ends or what resources are subject to control selection. Therefore, specifying all system components and interconnections is the most critical detail for the authorization boundary.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is an inventory of hardware, software, and network interfaces critical to defining the authorization boundary?
Open an interactive chat with Bash
What is the main purpose of the RMF authorization boundary?
Open an interactive chat with Bash
How do assessors evaluate system security using an authorization boundary?
Open an interactive chat with Bash
ISC2 Governance, Risk and Compliance (CGRC)
Scope of the System
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .