From ISACA there are the following: Policy, Control Objectives, standards, guidelines, and procedures. This eliminates B and C. Standards are defined as Established requirements in regard to processes, actions & configurations, also called baselines. Answer is D.
D. Standards is the correct answer. Standards always align with policy while Baselines are related to configurations and they are used to support the standard policies.
This is used as a specification to follow when applying policies and may dictate mandatory requirements.
https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2020/differentiating-key-terms-in-the-information-security-hierarchy
According to NIST definition, Security Control Baseline means that the set of minimum security controls defined for a low-impact, moderate-impact, or high-impact information system.
C
Baselines
A baseline is a minimum level of security that a system, network, or device must adhere to. Baselines are usually mapped to industry standards. As an example, an organization might specify that all computer systems comply with a minimum Trusted Computer System Evaluation Criteria (TCSEC) C2 standard. TCSEC standards are discussed in detail in Chapter 5, "System Architecture and Models."
Standards convey minimum information security requirements to an organization in alignment with policies. Standards are a set of guidelines, protocols, and best practices that an organization must adhere to in order to meet a certain level of security. They are established by a recognized authority and can be mandatory or voluntary. Standards provide a framework for an organization to develop and implement their own security policies, procedures, and controls. Baselines, regulations, and procedures are also important components of an organization's security program, but standards provide the minimum requirements that must be met.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
03allen
10 months, 3 weeks agooluchecpoint
1 year, 2 months agoAlexJacobson
1 year, 3 months agoPOWNED
1 year, 4 months agoSoleandheel
1 year, 5 months agoMarcovic00
1 year, 5 months ago6and0
1 year, 7 months agokoala_lay
1 year, 7 months agokristofer8
1 year, 7 months agowickhaarry
1 year, 9 months agorichck102
1 year, 10 months agoSouvik124
2 years, 2 months agoBroesweelies
2 years, 3 months ago