Suggested Answer:D🗳️
Remember, there is a one-to-many ratio of ONF to ANF; each organization has one ONF and many ANFs (one for each application in the organization). Therefore, the ANF is a subset of the ONF.
The Application Normative Framework (ANF) is a subset of the Organizational Normative Framework (ONF) that focuses specifically on application security controls, policies, and best practices. It defines application-specific security requirements within the broader ONF.
Why Not the Others?
A. A superset of the ONF → Incorrect because ONF is the broader framework, while ANF is a part of it.
B. A stand-alone framework for storing security practices for the ONF → Incorrect because ANF is not independent; it is derived from ONF.
C. The complete ONF → Incorrect because ONF encompasses organization-wide security policies, not just applications.
This section is not available anymore. Please use the main Exam Page.CCSP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
gjjw
Highly Voted 2 years, 4 months agoMaciekMT
Most Recent 1 month, 3 weeks agoakg001
4 months, 3 weeks agoxaccan
1 year agoGuivent
1 year, 11 months ago