Optimally, security governance is performed by a board of directors, but smaller organizations may simply have the CEO or CISO perform the activities of security governance. Which of the following is true about security governance? A. Security governance ensures that the requested activity or access to an object is possible given the rights and privileges assigned to the authenticated identity. B. Security governance is used for efficiency. Similar elements are put into groups, classes, or roles that are assigned security controls, restrictions, or permissions as a collective. C. Security governance is a documented set of best IT security practices that prescribes goals and requirements for security controls and encourages the mapping of IT security ideals to business objectives. D. Security governance seeks to compare the security processes and infrastructure used within the organization with knowledge and insight obtained from external sources. Hard to believe on the answer given by ISC2 which is D, but the correct answer is C. Correct me if I am wrong?
View More
Hi All, I am starting my CISSP preparation journey and planning to give the exam on May or June 2024. After watching videos regarding which resources to follow and tips and tricks. One thing was common is to create study group with the people who are also in same journey which will helps us to clear doubts and keep motivating us. So please if anyone is interested please reply me here. I am in EST time zone it will be great to connect with other people who are on same journey.
View More
Join us for twice weekly live study groups, instructor led sessions, practice questions, and expert Q&As. All FREE! Comment below for the link!
View More
Hello everyone, What programming languages should I focus on in order to be successful in a cybersecurity role? I'm transitioning into cybersec and want to build a solid pathway to be a CISO. Thank you!
View More
Hi All, I want to clear my CISSP exam within 3-6 months. Could you help me with the learning path which I need to follow? I have 7 Years of experience in the network domain. Should I follow any other study materials before I jump to CISSP? What is the new edition of the CISSP press book? TIA Thank you all
View More