Question: To determine the selection of controls required to meet business objectives, an information security manager should:
A.) prioritize the use of role-based access controls.
B.) focus on key controls.
C.) restrict controls to only critical applications.
D.) focus on automated controls.

Download pdf (with explanations) edition of this exam.