🔥 3-day streak
CompTIA SecurityX (CAS-005)70 / 120
Question 70 of 120

A newly hired security governance manager is reviewing the organization's documentation. Executive leadership has approved a high-level directive stating that all sensitive data 'must be protected using encryption both in transit and at rest.' The manager now needs to create a document that mandates AES-256 for data at rest and TLS 1.3 for data in transit, so that all teams have a consistent, mandatory technical baseline to follow. Which type of governance document should the manager create to capture these specific mandatory technical requirements?

Reviewed for accuracy · Report an issueNext question