Certified Information Systems Security Professional – CISSP – Question187

An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is

A.
organization policy.
B. industry best practices.
C. industry laws and regulations.
D. management feedback.

Correct Answer: A