Which one of the following statements are valid?

Group of answer choices

Cybersecurity architecture has nothing to do with securing buildings.

Risk analysis refers to specific assets.

Cybersecurity policies refer to specific assets.

Security policies focus primarily on addressing the risks identified by the risk analysis, not on regulations or compliance.

Cybersecurity architecture must support the security policies which reflect the risks and uncertainties relevant to the organization.

The following security architecture design principles are common in the Saltzer&Shroeder and ISO models:

Group of answer choices

No answer text provided.

Work factor

Centralized parameters validation

Open design

Fail Safe Defaults

The following is true about security controls.

Group of answer choices

They must be treated the same.

The regulation controls cannot be afforded by all organizations.

There is no way to restore the factory default configuration without a known admin password.

They must be treated together.