You work as a security specialist and are contracted by an organization to provide a security assessment. The organization’s corporate governance dictates that the assessment must be nonintrusive and must avoid placing the organization’s security controls out of service for any amount of time.
Which assessment method will likely be the best fit for this organization?
- interview
- examinations
- remote
- test
| Explanation & Hint:
Examination: This involves a detailed review of the current security policies, procedures, and configurations which can be conducted without any intrusion into the organization’s systems or operations. |