Crucial Exams

ISC2 Governance, Risk and Compliance (CGRC) Practice Question

While revising data-handling procedures for a new moderate-impact cloud system, you must specify how Microsoft Word reports containing Controlled Technical Information (CTI) will be distributed by e-mail. Which approach meets the minimum CUI marking requirements for such documents?

  • Place a visible banner such as "CUI//CTI" in the header or footer of every page and include a CUI designation block with issuing organization and handling instructions.

  • Add "CUI" markings only when the report also contains personally identifiable information; otherwise, no special markings are required.

  • Embed a digital watermark indicating CUI status in the file metadata; visible text markings are optional if encryption is used.

  • Mark only the first (cover) page with "CTI" because internal pages are considered protected once the document is stored in the accredited system.

ISC2 Governance, Risk and Compliance (CGRC)
Selection and Approval of Framework, Security, and Privacy Controls
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot