Which control category includes information on mandatory vacations and user training in the cybersecurity analyst report?
- technical
- administrative
- operational
- physical
Explanation: During a penetration testing engagement, the cybersecurity analyst should analyze the findings and recommend the appropriate remediation within the report, including technical, administrative, operational, and physical controls. Operational controls focus on day-to-day operations and strategies. Operational controls include job rotation, time-of-day restrictions, mandatory vacations, and user training.
Exam with this question: 9.5.3 Quiz - Reporting and Communication Answers
Please login or Register to submit your answer