Which choice below is the BEST description of operational assurance?
A.
Operational assurance has the benefit of containing and repairing damage from incidents.
B.
Operational assurance is the process of performing pre-employment background screening.
C.
Operational assurance is the process of examining audit logs to reveal usage that identifies
misuse.
D.
Operational assurance is the process of reviewing an operational system to see that security
controls are functioning correctly.
Explanation:
Operational assurance is the process of reviewing an operational
system to see that security controls, both automated and manual, are
functioning correctly and effectively. Operational assurance
addresses whether the systems technical features are being
bypassed or have vulnerabilities and whether required proceduresare being followed.
To maintain operational assurance, organizations use two basic
methods: system audits and monitoring. Asystem audit is a one-time
or periodic event to evaluate security. Monitoring refers to an ongoing
activity that examines either the system or the users.
*Answer “Operational assurance is the process of examining audit logs to reveal usage that
identifies misuse” is a description of an audit trail review.
Answer “Operational assurance has the benefit of containing and repairing damage from
incidents” is a description of a benefit of incident handling. The main benefits of
proper incident handling are containing and repairing damage from
incidents, and preventing future damagE.
*Answer “Operational assurance is the process of performing pre-employment background
screening” describes a personnel control.
Source: National Institute of Standards and Technology, An Introduction
to Computer Security: The NIST Handbook Special Publication 800-12.
Operational assurance is the process of reviewing an operational system to see that security
controls are functioning correctly.
0
0