An information security manager learns that a departmental system is out of compliance with the information security policy’™s password strength requirements. Which of the following should be the information security manager’™s FIRST course of action?
A. Submit the issue to the steering committee for escalation
B. Conduct an impact analysis to quantify the associated risk
C. Isolate the non-compliant system from the rest of the network
D. Request risk acceptance from senior management
|
Download Printable PDF. VALID exam to help you PASS. |
 |