Posted by: Pdfprep
Post Date: October 19, 2020
A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?
A . Establish a risk matrix
B . Inherit the risk for six months
C . Provide a business justification to avoid the risk
D . Provide a business justification for a risk exception
Answer: D
Leave a Reply