(ISC)2(ISC)2
CGRC · Question #290
CGRC Question #290: Real Exam Question with Answer & Explanation
Sign in or unlock CGRC to reveal the answer and full explanation for question #290. The question stem and answer options stay visible for context.
Assessment/Audit of Security and Privacy Controls
Question
The final Security Assessment Report (SAR) should contain findings from the security control assessment and which of the ensuing? Response:
Options
- ADetermination of residual risk
- BSecurity control assessment plan
- CSystem Security Plan (SSP) and Concept of Operations (CONOPS)
- DRecommendations for control remediations
Unlock CGRC to see the answer
You've previewed enough free CGRC questions. Unlock CGRC for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Security Assessment Report (SAR)#Control Remediation#Assessment Findings#Risk Management Framework (RMF)