CAS-002 · Question #18
CAS-002 Question #18: Real Exam Question with Answer & Explanation
The correct answer is C: Communicate the security requirements with all stakeholders for discussion and buy-in.. Once security requirements are established, the next step is to communicate them to all stakeholders-technical and non-technical alike-to ensure understanding, surface conflicts with other requirements, and obtain buy-in. Without stakeholder agreement, security requirements risk
Question
Options
- ADocument the security requirements in an email and move on to the next most urgent task.
- BOrganize for a requirements workshop with the non-technical project members, being the
- CCommunicate the security requirements with all stakeholders for discussion and buy-in.
- DOrganize for a requirements workshop with the technical project members, being the
Explanation
Once security requirements are established, the next step is to communicate them to all stakeholders-technical and non-technical alike-to ensure understanding, surface conflicts with other requirements, and obtain buy-in. Without stakeholder agreement, security requirements risk being ignored, de-scoped, or poorly implemented. Option A (email and move on) is irresponsible and ensures the requirements will not be taken seriously. Option B limits communication to non-technical members, excluding the database, network, and application consultants who must actually implement the controls. Option D limits communication to technical members, excluding HR and transformation management who have significant influence over project priorities and scope.
Community Discussion
No community discussion yet for this question.