The second line of defense in cybersecurity includes:

The second line of defense in cybersecurity includes:
A . conducting organization-wide control self-assessments.
B . risk management monitoring, and measurement of controls.
C . separate reporting to the audit committee within the organization.
D . performing attack and breach penetration testing.

Answer: B

Explanation:

The second line of defense in cybersecurity includes risk management monitoring, and measurement of controls. This is because the second line of defense is responsible for ensuring that the first line of defense (the operational managers and staff who own and manage risks) is effectively designed and operating as intended. The second line of defense also provides guidance, oversight, and challenge to the first line of defense. The other options are not part of the second line of defense, but rather belong to the first line of defense (A), the third line of defense C, or an external service provider (D).

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments