Q: 18
In the process of conducting a security survey or security audit, meaningful factual objective work
consists of measuring results against:
Options
Discussion
B tbh. Compare new results to previous audit findings, right? That's how you spot changes or gaps over time. Not positive that's what they mean by "objective," but it makes some sense. Let me know if I'm missing something obvious.
A , since objective work needs a fixed standard to compare against. Previous audit results (B) aren't always valid unless the baseline was correct. Unless the scope is trend analysis, pretty sure A is the only one that fits.
Had something like this in a mock. A is definitely right here since audits are meant to stack current controls up against established standards, not just past results or someone's opinion. Pretty sure about this, but open if anyone sees issues.
I don’t think it’s B. A is more objective since security standards are the baseline we should compare against, not just what happened before. Previous audits (B) can show trends but aren’t the actual benchmark.
B , seems like previous audit results would give a good reference point for measuring progress during a security audit. I remember seeing similar stuff in the official guide. Not 100% sure though-could be missing the emphasis on standards.
Be respectful. No spam.
