CISM Certified Information Security Manager – Question0927

The BEST way to ensure that security settings on each platform are in compliance with information security policies and procedures is to:

A. perform penetration testing.
B. establish security baselines.
C. implement vendor default settings.
D. link policies to an independent standard.

Correct Answer: B

Explanation:
Security baselines will provide the best assurance that each platform meets minimum criteria. Penetration testing will not be as effective and can only be performed periodically. Vendor default settings will not necessarily meet the criteria set by the security policies, while linking policies to an independent standard will not provide assurance that the platforms meet these levels of security.