An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers, and maintaining all core business functions in-house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy? A. Separate security controls for applications, platforms, programs, and endpoints B. Multi-factor login requirements for cloud service applications, timeouts, and complex passwords C. Deployment of nested firewalls within the infrastructure D. Strict enforcement of role-based access control (RBAC) Â Suggested Answer: B This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer
