Certified Cloud Security Professional (CCSP) — Question 450

Which of the following best describes the Organizational Normative Framework (ONF)?

Answer options

• A. A set of application security, and best practices, catalogued and leveraged by the organization
• B. A container for components of an application's security, best practices catalogued and leveraged by the organization
• C. A framework of containers for some of the components of application security, best practices, catalogued and leveraged by the organization
• D. A framework of containers for all components of application security, best practices, catalogued and leveraged by the organization.

Correct answer: D

Explanation

The correct answer, D, is accurate because the ONF encompasses all components of application security, ensuring comprehensive coverage. Options A, B, and C are incorrect as they limit the scope by implying either a subset of components or an incomplete framework.