Answer B)
Keyword in question is "plan" and the only sentence that refers to a plan is "The objectives for the control assessments and a detailed roadmap of how to conduct such assessments."
The MAIN purpose of a security assessment plan is:
B. Provide the objectives for the security and privacy control assessments and a detailed roadmap of how to conduct such assessments.
A security assessment plan outlines the objectives, scope, methodology, and approach for conducting security and privacy control assessments within an organization. Its primary purpose is to provide a clear roadmap and guidance on how to assess and evaluate the effectiveness of security controls in place.
B: "The objectives for the control assessments and a detailed roadmap of how to conduct such assessments."
https://csrc.nist.gov/glossary/term/assessment_plan
Clearly the answer is B here. Before conducting a security assessment, you need to know the objectives of that assessment, and all objectives must be SMART (Specific, Measurable, Attainable/Achievable, Relevant, Time-bound).
B could be right, but D sounds right too
I have been engaged with a few initiatives where executives want to conduct security assessments and see if it's financially viable to kick off the project or not.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
YesPlease
9 months, 2 weeks agoBach1968
1 year, 2 months agoHughJassole
1 year, 3 months agoHughJassole
1 year, 3 months agoSSimko
8 months agoJamati
1 year, 10 months agojackdryan
1 year, 4 months agoRollizo
1 year, 12 months agodev46
2 years agofranbarpro
1 year, 11 months agoCuteRabbit168
2 years agoDERCHEF2009
2 years agoDERCHEF2009
2 years ago