Question: When a departmental system continues to be out of compliance with an information security policy’s password strength requirements, the BEST action to undertake is to:
A.) submit the issue to the steering committee.
B.) conduct an impact analysis to quantify the risks.
C.) isolate the system from the rest of the network.
D.) request a risk acceptance from senior management.

Download pdf (with explanations) edition of this exam.