A cybersecurity analyst report should contain minimum password requirements and policies and procedures. These are examples that are included in which control category?
- technical
- administrative
- operational
- physical
Explanation: During a penetration testing engagement, the cybersecurity analyst should analyze the findings and recommend the appropriate remediation within the report, including technical, administrative, operational, and physical controls. Administrative controls are policies, rules, or training designed and implemented to reduce risk and improve safety. Examples of administrative controls are role-based access control (RBAC), secure software development life cycle, minimum password requirements, and policies and procedures.
Exam with this question: 9.5.3 Quiz - Reporting and Communication Answers
Please login or Register to submit your answer