Scenario: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs. The CISO discovers the scalability issue will only impact a small number of network segments.
What is the next logical step to ensure the proper application of risk management methodology within the two-factor implementation project?

A. Decide to accept the risk on behalf of the impacted business units

B. Create new use cases for operational use of the solution

C. Report the deficiency to the audit team and create process exceptions

D. Determine if sufficient mitigating controls can be applied








 

Suggested Answer: D






This question is in 712-50 EC-Council Certified CISO (CCISO) Exam
For getting EC-Council Certified CISO (CCISO) Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council.
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exam.