It is important to develop an information security baseline because it helps to define:
A.
critical information resources needing protection.
B.
a security policy for the entire organization.
C.
the minimum acceptable security to be implemented.
D.
required physical and logical access controls.
Explanation:
Developing an information security baseline helps to define the minimum acceptable security that will be implemented to protect the information resources in accordance with the respective criticality levels. Before determining the security baseline, an information security manager must establish the security policy, identify criticality levels of organization’s information resources and assess the risk environment in which those resources operate.
I have the same idea. C
0
0
Hello,
I would like to pass the CISM in September and I would like to know if the exam questions are still the same ?
Thanks in advance.
JJ
0
0