Kizspy | Question: 46
(Choose 1 answer)
Which of the following choices is not considered a best practice when identifying threats?
A. Verify systems operate and are controlled as expected.
B. Limit the scope of the assessment.
C. Consider threats to confidentiality, integrity, and availability.
D. Assume the systems have not changed since the last threat assessment.
