CGRC Question #682: Real Exam Question with Answer & Explanation

Sign in or unlock CGRC to reveal the answer and full explanation for question #682. The question stem and answer options stay visible for context.

Selection and Approval of Framework, Security, and Privacy Controls

Question

A large organization has a documented information security policy that has been reviewed and approved by senior officials and readily available to all organizational staff. This information security policy explicitly addresses each of the control families in NIST SP 800-53. Some system owners also established procedures for the technical class of security controls on certain of their systems. In their respective system security plans, control AC-1 Access Control Policy and Procedures (a technical class security control) must be identified as what type of control? Response:

Options

AFully inheritable
BHybrid
CSystem specific
DInherited

Unlock CGRC to see the answer

You've previewed enough free CGRC questions. Unlock CGRC for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CGRC - $49.99 / 30 days Sign in

Topics

#NIST SP 800-53#Hybrid Controls#Common Controls#System Security Plan

Full CGRC Practice Browse All CGRC Questions