1 Approved Answer
Given the scenario where the security assessor identified gaps but chose not to report them, the
primary violation is with "due diligence." The assessor did not complete the due diligence process
by withholding critical information. If the assessor had identified the gaps (due diligence) and then
did nothing to address or rectify those gaps despite knowing about them, that would be a
violation of "due care."
Due diligence refers to the investigations and research conducted before taking an action.
Due care is about taking the necessary steps to mitigate the risks and threats that have been
identified through due diligence.
Due diligence needs to happen before due care. In the given scenario, the internal security
assessor never did the due diligence part.
QUESTION
An organization offers SaaS services through a public email and storage provider. To facilitate
password resets, a simple online system is set up. During a routine check of the storage each
month, a significant increase in use of storage can be seen. Which of the following techniques
would remediate the attack?
A. Including input sanitization to the logon page
B. Configuring an account lockout policy
C. Implementing a new password reset system
D. Adding MFA to all accounts