CISM Question #828: Real Exam Question with Answer & Explanation
The correct answer is D: Ensuring contracts with external parties mandate continuous verification and least privilege.
Question
To align with the principles of Zero Trust, which of the following is the MOST important course of action when engaging with external parties?
Options
- A. Insisting on regular comprehensive audits of external parties' access management practices
- B. Requiring external parties to use a specific type of encryption for data at rest and in transit
- C. Mandating that external parties provide annual security training to their employees
- D. Ensuring contracts with external parties mandate continuous verification and least privilege
Explanation
Zero Trust is built on continuous verification and enforcing least privilege for every access request. Ensuring contracts require these principles for external parties is the most important action because it establishes enforceable expectations for how third parties will access and use the organization’s resources.