CompTIA CySA+ (CS0-003) — Question 267

A company classifies security groups by risk level. Any group with a high-risk classification requires multiple levels of approval for member or owner changes. Which of the following inhibitors to remediation is the company utilizing?

Answer options

• A. Organizational governance
• B. MOU
• C. SLA
• D. Business process interruption

Correct answer: A

Explanation

The correct answer is A, as organizational governance establishes policies and procedures that dictate approval processes for high-risk groups. Options B (MOU), C (SLA), and D (Business process interruption) do not specifically address the structured approval framework that is integral to managing risk levels in security classifications.