A security administrator is required to submit a detailed implementation plan and back out plan to
get approval prior to updating the firewall and other security devices. Which of the following types
of risk mitigation strategies is being followed?
A.
Change management
B.
Routine audit
C.
Rights and permissions review
D.
Configuration management
Explanation: