🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional113 / 129
Question 113 of 129

A security manager at a manufacturing firm is drafting documentation for a new endpoint hardening initiative. She wants to create a document that mandates specific, uniform technical configurations (e.g., minimum password length of 14 characters, TLS 1.2 or higher, and disabling of a defined list of services) that all Windows workstations must comply with, and against which compliance can be audited. Which type of document should she produce?

Reviewed for accuracy · Report an issueNext question