CCCS-203B Question #129: Real Exam Question with Answer & Explanation

Question

Options

• ADefine a baseline of security controls aligned with existing regulatory standards.
• BUse default CrowdStrike compliance templates without modifications.
• CLimit the framework to addressing only one regulatory standard at a time.
• DEnable monitoring for endpoints but exclude periodic reporting.

Explanation

Option A: Defining a baseline of security controls is a critical step in creating a custom compliance framework. This ensures that the framework aligns with existing regulations, industry standards, and organizational needs. A well-defined baseline also serves as a reference point for evaluating the effectiveness of the framework over time. Misalignment with regulations can lead to compliance gaps and legal repercussions. Option B: Default templates provide a starting point, but they must be tailored to the organization's specific needs, regulatory landscape, and operational requirements. Using them without modifications may result in an incomplete or misaligned compliance framework. Option C: A compliance framework should ideally address multiple standards, especially when overlaps exist, to streamline efforts and reduce redundancy. Limiting the scope to one standard at a time is inefficient and can increase operational complexity. Option D: While endpoint monitoring is essential, excluding periodic reporting undermines the framework's ability to demonstrate ongoing compliance. Reporting helps identify deviations from compliance and facilitates audits.

No community discussion yet for this question.