
CISSP Question #1521: Real Exam Question with Answer & Explanation


Submitted by cyberguy42 · Mar 5, 2026

Understand the structure and practice areas within the OWASP Software Assurance Maturity Model (SAMM) Governance domain, including the ability to match security practices to their corresponding assessment objectives.

Question

Drag and Drop Question

Match the objectives to the assessment questions in the governance domain of Software Assurance Maturity Model (SAMM).

Answer:

Explanation

In the SAMM governance domain, the correct arrangement maps each practice area to its corresponding assessment questions: Secure Architecture addresses design-level security controls, Education & Guidance covers security training and awareness programs, Strategy & Metrics focuses on organizational security goals and measurement, and Vulnerability Management deals with identifying and remediating security weaknesses. These four practices together form the core pillars of the SAMM governance domain, each with distinct assessment criteria that evaluate an organization's maturity in that specific area.

Topics

#SAMM #Software Assurance Maturity Model #Governance Domain #Security Practices
