Certified Cloud Security Professional – CCSP – Question472

Which of the following best describes the Organizational Normative Framework (ONF)?

A.
A set of application security, and best practices, catalogued and leveraged by the organization
B. A container for components of an application’s security, best practices catalogued and leveraged by the organization
C. A framework of containers for some of the components of application security, best practices, catalogued and leveraged by the organization
D. A framework of containers for all components of application security, best practices, catalogued and leveraged by the organization.

Correct Answer: D

Explanation:

Explanation: Option B is incorrect, because it refers to a specific applications security elements, meaning it is about an ANF, not the ONF. C is true, but not as complete as D, making D the better choice. C suggests that the framework contains only “some” of the components, which is why B (which describes “all” components) is better