Certified Information Security Manager (CISM) — Question 1230

Which of the following would MOST effectively ensure that a new server is appropriately secured?

Answer options

• A. Enforcing technical security standards
• B. Performing secure code reviews
• C. Initiating security scanning
• D. Conducting penetration testing

Correct answer: A

Explanation

Enforcing technical security standards is crucial as it establishes a baseline for securing the server from the start. While secure code reviews, security scanning, and penetration testing are important, they are more effective as supplementary measures once the foundational security standards are in place.