A company plans to implement a new data protection strategy that accommodates its diverse asset types and varied compliance requirements. Which approach should the organization take to develop a tailored security framework?
Select controls based on industry standards that apply to the specific data types handled by the organization.
Focus on the stringent regulatory requirements and consider the specific context of each asset.
Implement the same set of controls across various asset types to maintain uniformity in security measures.
Conduct a risk assessment for each asset type and map relevant controls based on their unique requirements.
The best approach involves aligning specific security measures to the types of assets being protected and the applicable regulatory requirements. This ensures the security framework is effective and compliant with relevant laws and standards. Incorrect options may indicate a one-size-fits-all strategy or inappropriate control implementations that do not comprehensively address the requirements for the assets.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a risk assessment and why is it important?
Open an interactive chat with Bash
What are compliance requirements and why do they matter for data protection?
Open an interactive chat with Bash
What are industry standards for security controls and how can they guide organizations?
Open an interactive chat with Bash
ISC2 CISSP
Asset Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access