Home » Certification Exams Questions » What is the first thing should be done to determine the correct controls?

A network security engineer is defining the controls needed to protect firewalls. What is the first thing they should do to determine the correct controls?

OPTIONS

  • Review existing firewall rules and controls to ensure that there has been no deterioration
  • Review the risk register to ensure that all risks are being managed
  • Contact the firewall vendor to identify commonly used controls for this technology
  • Identify the organization’s objectives that the controls need to support

ANSWER

Identify the organization’s objectives that the controls need to support

EXPLANATION

Automating controls or building them into technology relieves people of the effort of making the control work. Controls managed in this way should directly align with and support the achievement of high-level objectives.

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*