Which of the following is not one of the seven steps recommended by the NIST 800-53 standard for building an effective risk management system?
A. Understanding the impact of risk on each system in the organization
B. Adjust or tailor the initial baseline of security controls after assessing the impacts of identified risk
C. Monitor and assess selected controls continually
D. Perform adequate penetration testing activities to ensure security of software products
Answer: D
Computer Science & Information Technology
You might also like to view...
What does the type of data displayed in a crosstab query depend on?
A) The intersection of columns and rows B) What the query was based on C) The grouping of the data D) Which aggregate function used when the query was created
Computer Science & Information Technology
Adblock Plus is an add-on to IE used to block third-party advertisement pop-ups
Indicate whether the statement is true or false
Computer Science & Information Technology