nerdexam
(ISC)2

CGRC Question #389: Real Exam Question with Answer & Explanation

The correct answer is B: Verification. Automation in ongoing assessments facilitates increased volume, coverage, and frequency, but the critical human element of verification remains essential.

Assessment/Audit of Security and Privacy Controls

Question

The use of automation to support ongoing assessments facilitates all but one of the following. Response:

Options

  • A. Volume
  • B. Verification
  • C. Coverage
  • D. Frequency

Explanation

Automation in ongoing assessments facilitates increased volume, coverage, and frequency, but the critical human element of verification remains essential.

Common mistakes.

  • A. Automation significantly increases the volume of security checks and assessments that can be performed across an IT environment, making it a key facilitator.
  • C. Automated tools can scan a broader range of systems, configurations, and vulnerabilities, thus improving the coverage of assessments across an organization's assets.
  • D. Automation enables assessments to be run much more frequently, shifting from periodic manual checks to continuous or near-continuous monitoring, improving the timeliness of security insights.

Concept tested. Benefits of security automation

Reference. https://csrc.nist.gov/glossary/term/continuous-monitoring

Topics

#Automated assessments #Assessment capabilities #Control verification #GRC automation
