CISSP Practice Question (Domain 6: Security Assessment and Testing)
A regulated enterprise relies on continuous automated control testing dashboards for audit readiness. An external auditor notes controls appear effective, but underlying test logic was recently modified by the same team being assessed. Management wants minimal disruption.
What is the MOST appropriate action to take NEXT?
A. Accept results since controls are continuously monitored
B. Perform an independent validation of assessment tools and methods
C. Increase testing frequency to offset potential bias
D. Document the issue as an accepted audit limitation
Vincent Primiani