ISC2 Exam CSSLP Topic 1 Question 13 Discussion

Actual exam question for ISC2's Certified Secure Software Lifecycle Professional exam

Question #: 13
Topic #: 1

Which of the following approaches can be used to build a security program?

Each correct answer represents a complete solution. Choose all that apply.

ARight-Up Approach

BLeft-Up Approach

CTop-Down Approach

DBottom-Up Approach

Show Suggested Answer

Suggested Answer: C, D

Top-Down Approach is an approach to build a security program.

The initiation, support, and direction come from the top management and work their way through middle management and then to staff

members.

It is treated as the best approach.

This approach ensures that the senior management, who is ultimately responsible for protecting the company assets, is driving the

program.

Bottom-Up Approach is an approach to build a security program.

The lower-end team comes up with a security control or a program without proper management support and direction.

It is less effective and doomed to fail.

Answer A and B are incorrect. No such types of approaches exist

by Pamella at May 08, 2022, 02:52 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!