Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?
A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.
B. Tell the application development manager to code the application to adhere to the company's password policy.
C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.
Answer: B. Tell the application development manager to code the application to adhere to the company's password policy.
You might also like to view...
A ________ resolves a computer's fully qualified domain name (FQDN) to its IP address
a. Forward lookup zone b. Reverse lookup zone c. Universal lookup zone d. None of the above.
A written document that states how an organization plans to protect the company's information technology assets is a:
A. security policy B. guideline C. security procedure D. standard
A set of statements contained within a set of braces is known as a(n) ____ block.
A. reference B. instance C. object D. command
When an HTML file is linked to other files necessary to display the page content, these files are called connected files.
Answer the following statement true (T) or false (F)